LinkedIn and Google are now facing a proposed class-action lawsuit over allegations that they improperly received confidential health data from California’s state-run health insurance exchange, Covered California. The lawsuit, filed in the Northern District of California, stems from an investigation by CalMatters and The Markup, which uncovered how web trackers on Covered California’s website were transmitting sensitive user information to LinkedIn and Google—without consent.
According to the investigation, Covered California’s website contained tracking tools, including LinkedIn’s Insight Tag, which collected data on visitors as they filled out forms. This data included highly sensitive health information, such as whether users were pregnant, blind, transgender, or had experienced domestic abuse. The trackers also monitored searches for medical providers and prescription drug usage.
The government entity that operates Covered California has since removed the trackers, claiming they were part of an advertising campaign that began in February 2024. However, the lawsuit alleges that LinkedIn and Google knowingly intercepted this data without user consent, violating California’s Invasion of Privacy Act and the federal Electronic Communications Privacy Act.
The lawsuit was filed by an anonymous California woman, who claims she entered personal health information on Covered California’s website in June 2024, only to have that data transmitted to LinkedIn and Google. The suit seeks to represent all users whose data was improperly shared, potentially leading to massive legal consequences for both companies.
The law firm handling the case, Bursor & Fisher, specializes in class-action lawsuits and previously secured a $100 million settlement from Google over privacy violations in 2022.
What Does This Mean for Microsoft?
While Google is no stranger to privacy lawsuits, LinkedIn’s involvement raises bigger questions for Microsoft, which owns the professional networking platform. As the arbiter of LinkedIn, Microsoft may face increased scrutiny over how its subsidiary handles user data.
Microsoft has largely avoided major privacy scandals in recent years, but this lawsuit could change that narrative. If LinkedIn is found liable, Microsoft may need to reassess its data policies, potentially leading to stricter regulations across its platforms.
Additionally, this case could set a precedent for how third-party trackers are used in government-run websites. If LinkedIn and Google are found guilty, it may force tech companies to rethink their advertising and data collection practices—especially when dealing with sensitive health information.
This lawsuit is shaping up to be a major privacy battle, with potential ramifications for Microsoft, Google, and the broader tech industry. As the case unfolds, it will be interesting to see whether LinkedIn and Google can defend their actions or if this becomes another landmark ruling in digital privacy law.
For now, one thing is clear: users are watching, regulators are watching, and the stakes are high.
What do you think—should Microsoft take more responsibility for LinkedIn’s data practices?
