What does the hiQ Labs vs. LinkedIn Judgement Mean for HR Data?
Who owns your data? What can they do with it? Who are they sharing it with?
These are some of the most important issues facing the Human Resources and Talent Management sector in 2018. They are made more urgent by the prevalence of quasi-public data that is increasingly out of anyone's control.
What do I mean by 'quasi-public data'? The best example is LinkedIn. If someone could aggregate all of the data from your employees that they have shared on LinkedIn, could they get important insights about your company? Would your competitors be interested in this? You can bet they would. Aggregate data on LinkedIn can provide many compelling insights. It can signal strategic direction (what skills are being added) or weaknesses (who is leaving the company). Who has control over this data? Not the company, that is for sure.
The preliminary injunction in the hiQ vs. LinkedIn case throws some light on this. hiQ has been scraping LinkedIn public profiles and applying AI to get insights into companies. They sell two solutions on their website, Keeper for Predictive Attrition (get early signals that people are thinking of leaving) and Skill Mapper, which competes directly with TeamFit.
The TeamFit approach to this is different from hiQ. Initially, we had an API level integration but we discontinued this when LinkedIn changed its API strategy to a walled garden. Currently, we give users guidance on how to download their LinkedIn profile which they can then upload into TeamFit. We are reconsidering scrapping in light of this judgement. What we would prefer is a proper API level integration if LinkedIn ever changes its strategy, recognizes it is a public platform, and gives users real access to and control over their data. As a LinkedIn user I should be able to give a third party the right to access my data. In skill research, we do spend time analyzing trends on LinkedIn, at companies, and in LinkedIn groups but we do not currently do this by scraping.
Back to hiQ vs. LinkedIn. On May 23, 2017 LinkedIn sent hiQ a letter demanding that hiQ "immediately cease and desist all unauthorized data scraping and other violations of LinkedIn's User Agreement." (For an important discussion of the actual legal standing of End User License Agreements read The End of Ownership by Aaron Perzanowski and Jason Schultz. Rather than cave, as many others have, hiQ fought back. And won. At least for now.
The initial injunction turned on a few critical points.
1 . Users have chosen to make their data public, they had the option to make it private.
2 . LinkedIn allows other companies, notably Google, to spider its public data.
3 . LinkedIn mines the data itself and resells what it finds in many ways.
So judge Chen found LinkedIn's arguments muddled. It claims that it is acting to protect the data of its users when in fact it does not do so and uses that data for its own commercial purposes. It claims a violation of the LinkedIn User Agreement, but it is not clear that the User Agreement is relevant here as hiQ is scraping data from the public Internet. In nay case, the enforceability of many items in End User License Agreements is open to challenge (see the book by Perzanowski and Schultz).
LinkedIn is appealing, and with its deep pockets may yet bludgeon hiQ and the rest of the industry into submission. What should happen?I think there are a number of important principles here.
Public data should be public and in today's world that means it should be scrapable and companies should be able to spider it. Public is public. Let's not have one set of rules for the giant's and another for the rest of us.
Individuals should have fine grained control over their own data. We need a better way to say how we are willing to have our data used. There are shades of grey here. Perhaps some sort of mash-up between Open Data and Creative Commons can be developed. Companies like LinkedIn and Facebook should be required to allow individuals to approve API level data integrations with third party applications.
Companies need ways to protect confidentiality. HR data such as learning and skills records will become portable and follow people across companies along their careers. If companies resist this, people will find a way around them (as they have with LinkedIn). HR leadership, needs to lead here, and find the ways to protect their own companies while recognizing the needs and desires of people in a world where talent is mobile.
TeamFit, along with companies like Degreed, believes that people should own their own skill and learning records and that these records should travel with a person across their career. This is in everyone's best inter Ownership of data in a collaborative age: Three unworkable approaches and a way forward and You own your data.
As an individual, what control do you want to have over your LinkedIn data and how it is used?
As an HR and talent leader, what are your concerns about the data about your company that appears on LinkedIn, especially when this is aggregated and possibly published?
How can we combine open data, AI, privacy and data rights in a way that supports all parties and rewards innovation.
This is a challenge for all of us in 2018.