Our examination revealed total 31 items, where were 13 DAR items and 18 DIT items. Among DAR items 0 best items found and among DIT items 2 best items found. Also 0 worst items found and 0 worst items found. This application is available for iOS here. This app makes helps the people to communicate to each other building your professional network, telling your professional story and staying up to date with the latest industry news.

The latest build was released on Jun 30, 2016. Let's cite the description of this application below:

Connect to people. Connect to Opportunity. The LinkedIn app makes it easier to connect to the people and things that matter in your professional world. Accelerate your success by: - finding people and jobs - getting updates on your professional industry and interests - telling your story and building your professional brand - growing your network - reaching out to people

Protection levels.

Locally stored data (Data-at-Rest, DAR). Locally stored data groups include Media Information, Address Book 'n' Contact Information, Message Information, Personal 'n' Private Information, Credentials Information, Account Information, Social Information. The average DAR value is 4.04 points (7.00 points of system protection and 1.08 points of own protection). It is higher than a typical value (3.5 points, where's 7 points of system protection and 0 points of own protection).

Items #1 with average value 7.00 points (7 points of system protection, 7 points of own protection) means data protection levels have following definitions. Frankly talking, complianced but there are publicly known techniques to access the data where system protection case - root/jailbreak is required but not possible without wiping device data, and own protection case - data is not available in backups.

- Screen Snapshots ('Media Information' Group) - Screenshots of your device screen running certain apps (by default available for iOS device but happens for any 3rd party apps that have such features). This data item related to mentioned group meant to be lot of data like photo, image, video, audio, - Media Data ('Address Book 'n' Contact Information' Group) - Any kind of info like images, audios, videos, media notes, etc. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even

Items #2 with average value 3.50 points (7 points of system protection, 0 points of own protection) means data protection levels have following definitions. Frankly talking, extra data found that shouldn't be accessed where system protection case - root/jailbreak is required but not possible without wiping device data, and own protection case - stored as is.

- Account Data ('Address Book 'n' Contact Information' Group) - Basic info about account like name, list of sub-account (e.g. financial or other) and some linked data like a phone number. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Media URLs ('Address Book 'n' Contact Information' Group) - URLs related to media info such as stream media or profile's media, etc. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Messages ('Message Information' Group) - Different types of messages, conversations except SMS, MMS but incl. recipient & sender IDs and attachments. This data item related to mentioned group meant to be all type of message, incl. SMS, MMS, social & IM messages with or without attachments, - Account Data ('Message Information' Group) - Basic info about account like name, list of sub-account (e.g. financial or other) and some linked data like a phone number. This data item related to mentioned group meant to be all type of message, incl. SMS, MMS, social & IM messages with or without attachments, - Media URLs ('Message Information' Group) - URLs related to media info such as stream media or profile's media, etc. This data item related to mentioned group meant to be all type of message, incl. SMS, MMS, social & IM messages with or without attachments, - Personalization ('Personal 'n' Private Information' Group) - Info describes user preferences, favourites, tracked data, search requests, suggestions, etc. This data item related to mentioned group meant to be any kind of personal and private info not grabbed from the 3rd party social networks or your ids, - Credentials (IDs) ('Credentials Information' Group) - Only account IDs like app or 3rd party user IDs incl. emails, phone number, usernames and etc. (depends on apps). This data item related to mentioned group meant to be any types of credentials incl. basic (ids only), passwords, tokens, etc., - Media URLs ('Account Information' Group) - URLs related to media info such as stream media or profile's media, etc. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Account Data ('Account Information' Group) - Basic info about account like name, list of sub-account (e.g. financial or other) and some linked data like a phone number. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Credentials (IDs) ('Social Information' Group) - Only account IDs like app or 3rd party user IDs incl. emails, phone number, usernames and etc. (depends on apps). This data item related to mentioned group meant to be info grabbed from 3rd party social networks, - Credentials (Tokens) ('Credentials Information' Group) - Different tokens used to get an access to your account except passwords but incl. app or 3rd party tokens, secret keys and etc. (usually give a full access to your account). This data item related to mentioned group meant to be any types of credentials incl. basic (ids only), passwords, tokens, etc.

Also, keep in mind, using jailbroken device means the system protection level is 0 points and you're using out-of-dated iOS < 8.3 the system protection level is 2 points. If some data marked as shareable via iTunes, then the system protection level is 4 points.

Transferred data (Data-in-Transit, DIT). Transferred data groups include Credentials Information, Account Information, Address Book 'n' Contact Information, Message Information, Personal 'n' Private Information, Social Information. The average DIT value is 4.00 points (4.00 points of system protection and 4.00 points of own protection). It equals to a typical value (4 points, where's 4 points of system protection and 4 points of own protection).

Items with average value 4.00 points (4 points of system protection, 4 points of own protection) means data protection levels have following definitions. Frankly talking, data available if it's allowed only and may require user action where system protection case - informs if fake certificate imported into a device, and own protection case - bypassed by fake/stolen root certificates (doesn't check certificate path). - Credentials (IDs) ('Credentials Information' Group) - Only account IDs like app or 3rd party user IDs incl. emails, phone number, usernames and etc. (depends on apps). This data item related to mentioned group meant to be any types of credentials incl. basic (ids only), passwords, tokens, etc., - Credentials (Passwords) ('Credentials Information' Group) - Well known passwords or PINs you're using to get an access to your account (usually worse than tokens because gives a full access to your account). This data item related to mentioned group meant to be any types of credentials incl. basic (ids only), passwords, tokens, etc., - Credentials (Tokens) ('Credentials Information' Group) - Different tokens used to get an access to your account except passwords but incl. app or 3rd party tokens, secret keys and etc. (usually give a full access to your account). This data item related to mentioned group meant to be any types of credentials incl. basic (ids only), passwords, tokens, etc., - Account Details ('Account Information' Group) - Full info about your account incl. account membership, expiration, profile, linked data and account, etc. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Media URLs ('Account Information' Group) - URLs related to media info such as stream media or profile's media, etc. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Contact Profile ('Address Book 'n' Contact Information' Group) - Full info about contacts incl. name email id, phone numbers, gender, linked accounts, GEO data, stream and social activity. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Media URLs ('Address Book 'n' Contact Information' Group) - URLs related to media info such as stream media or profile's media, etc. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Media Data ('Account Information' Group) - Any kind of info like images, audios, videos, media notes, etc. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Work/Edu History ('Account Information' Group) - Basic info about job titles, date and times, company names. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Work/Edu Details ('Account Information' Group) - Full info about your or friend work/edu activity, incl. job titles, company names, references, reviews, projects, public materials, etc. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Messages ('Message Information' Group) - Different types of messages, conversations except SMS, MMS but incl. recipient & sender IDs and attachments. This data item related to mentioned group meant to be all type of message, incl. SMS, MMS, social & IM messages with or without attachments, - Media Data ('Address Book 'n' Contact Information' Group) - Any kind of info like images, audios, videos, media notes, etc. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Work/Edu Details ('Address Book 'n' Contact Information' Group) - Full info about your or friend work/edu activity, incl. job titles, company names, references, reviews, projects, public materials, etc. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Work/Edu History ('Address Book 'n' Contact Information' Group) - Basic info about job titles, date and times, company names. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Stream ('Address Book 'n' Contact Information' Group) - Any kind of social or another stream activity incl. posts, walls, etc. This data item related to mentioned group meant to be info stored locally, cached or transferred over the network and belong to this application if it's social even, - Stream ('Account Information' Group) - Any kind of social or another stream activity incl. posts, walls, etc. This data item related to mentioned group meant to be any info related to profiles, basic credential ids like email or username or phone number plus some more info depends on applications, - Personalization ('Personal 'n' Private Information' Group) - Info describes user preferences, favourites, tracked data, search requests, suggestions, etc. This data item related to mentioned group meant to be any kind of personal and private info not grabbed from the 3rd party social networks or your ids, - Credentials (IDs) ('Social Information' Group) - Only account IDs like app or 3rd party user IDs incl. emails, phone number, usernames and etc. (depends on apps). This data item related to mentioned group meant to be info grabbed from 3rd party social networks

Keep in mind if you're using out-of-dated iOS < 9.0, the system level equals 2 points instead of 4. It means your data can be stolen without involving your actions.

Below you find two infographics summarizing what we described above.

First pic includes info about data items combined into groups and best protected items found.

Second pic includes info about data items separately from group and worst protected items found

Privacy Policy Full application privacy policy is available here.

According to the privacy policy link, it was last revised on October 23, 2014. This Privacy Policy applies to LinkedIn.com and the LinkedIn mobile application, SlideShare.net and SlideShare mobile app (“SlideShare”), Pulse.me and Pulse mobile app (“Pulse”), LinkedIn platform technology (such as “Share on LinkedIn” plugins for publishers), the advertising platform created by Bizo Inc. (and its successor products) and all other LinkedIn websites, apps, developer platforms and other products and services (collectively the “Services”).

Developers provide high detailed privacy policy and highlight OS dependent differences on collecting customer data. Let's examine it.

1.2. Registration To create an account on LinkedIn, you must provide us with at least your name, email address and/or mobile number, and a password and agree to our User Agreement and this Privacy Policy, which governs how we treat your information. You may provide additional information during the registration flow (for example, your postal code, job title, and company) to help you build your profile and to provide you more customized services (for example: language-specific profile pages, updates, content, more relevant ads and career opportunities).

This category covers basics data items like credentials aka login = email, password. Stored locally in backup and assigned for av. 3.5th level (7 - system, 0 - own). Talking about transit data items the protection is average 4th level (4 - system, 4 - own).

1.3. Profile Information After you create an account (other than the distinct SlideShare and Pulse accounts), you may choose to provide additional information on your LinkedIn profile, such as descriptions of your skills, professional experience, and educational background. You can list honors, awards, professional affiliations, Group memberships, networking objectives, companies or individuals that you follow, and other information including content. Subject to the settings you choose, your connections may provide recommendations and endorsements of you.

Here we have account data referred to customer of developer's app. It covers his account data account media URLs. Everything stored in backup files and got the average level 3.5 points (7 - system, 0 - own). Additionally media data either customer of app, or his connections are stored outside of backup and requires jailbreak to get access it. It got average 7th level (7 - system, 7 - own). Talking about transit data items the protection is average 4th level (4 - system, 4 - own).

1.4. Address Book and Other Services That Sync with LinkedIn You may use our address book or “contacts” importer (or other similar features) to upload your address book into our Services. We store this information (including phone numbers) and use it to help you manage and leverage your contacts in connection with our Services.

Same data category as we mentioned above the section Privacy Policy. Here we found stored locally account data, account media URLs. Everything stored in backup files and got the average level 3.5 points (7 - system, 0 - own). Additionally media data either customer of app, or his connections are stored outside of backup and requires jailbreak to get access it. It got average 7th level (7 - system, 7 - own). Talking about transit data items the protection is average 4th level (4 - system, 4 - own).

1.5. Customer Service

Not relevant part of our investigation

1.6. Using the LinkedIn Sites and Applications We collect information when you use (whether as a Member or a Visitor) our websites, applications, our platform technology (such as “Share on LinkedIn” plugins for publishers) or other Services. For example, we collect information when you view or click on ads on and off our Services, perform a search, import your address book, join and participate in groups, participate in polls, install one of our mobile applications, view content on Pulse or SlideShare, share articles on our Services and apply to jobs through our Services. If you are logged in on LinkedIn.com, SlideShare.net, the Pulse app or another Service or one of our cookies on your device identifies you, your usage information and the log data described in Section 1.10 of this policy, such as your IP address, will be associated by us with your account. Even if you’re not logged into a Service, we log information about devices used to access our Services, including IP address.

This section indicates inter-services communication and logging all kind activity. However, nothing related to this was not found

1.7. Using Third-Party Services and Visiting Third-Party Sites

It might relevant to the mobile apps except 1.9 Ads third-party services

1.8. Cookies

This section related to web-based application such as your browser

1.9. Advertising Technologies and Web Beacons

Unfortunately, we didn't these data types during our investigation

1.10. Log Files, IP Addresses, and Information About Your Computer and Mobile Device we automatically receive the URL of the site from which you came or the one to which you are directed. Also, advertisers receive the URL of the page that you are on when you click an ad on or through our Services. We also receive the internet protocol (“IP”) address of your computer or the proxy server that you use to access the web, your computer operating system details, your type of web browser, your mobile device (including your mobile device identifier provided by your mobile device operating system), your mobile operating system (if you are accessing LinkedIn using a mobile device), and the name of your ISP or your mobile carrier. We may also receive location data passed to us from third-party services or GPS-enabled devices that you have set up, which we use to show you local information (for example, Pulse articles about your area or jobs postings in your location) on our mobile applications and for fraud prevention and security purposes. Most mobile devices allow you to prevent real time location data being sent to us, and of course we will honor your settings. In the case of our Android apps, you will be provided notice of the types of data (e.g. location) that will be sent to us. If you choose to use our app after this notice, we process this data to enable registration or preview product features for you (e.g. jobs near you). If you choose not to become a Member, we will delete this information.

Unfortunately, we didn't these data types during our investigation

4.5. Security We have implemented security safeguards designed to protect the personal information that you provide in accordance with industry standards. Access to your data on our Services is password-protected, and data such as credit card information is protected by SSL encryption when it is exchanged between your web browser and the Services. We also offer secure https access to the LinkedIn.com website. To protect any data you store on our servers, we also regularly monitor our system for possible vulnerabilities and attacks, and we use a tier-one secured-access data center. However, since the Internet is not a 100% secure environment, we cannot ensure or warrant the security of any information that you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information. Please note that emails, instant messaging, and similar means of communication with other Members are not encrypted, and we strongly advise you not to communicate any confidential information through these means. Please help keep your account safe by using a strong password.

Yes, that's true, developers implemented SSL and the Internet is not a 100% secure environment, they cannot ensure or warrant the security of any information that you transmit to us. However, we saw better protected mobile apps

Additionally, user policy mentioned in paragraph 1.2 is available here.

2.5. Messages and Sharing Our Services allow messaging and sharing of information in many ways, such as your profile, slide deck, links to news articles, job postings, InMails and blogs. Information and content that you share or post may be seen by other Members or, if public, by Visitors. Where we have made settings available, we will honor the choices you make about who can see content or information (e.g., sharing to a group instead of your network, changing the default setting for SlideShare content from public to a more restricted view, limiting your profile visibility, or not letting people know when you change your profile, make recommendations or follow companies). Note that other activities, such as applying for a job or sending an InMail, are by default private, only visible to the addressee(s).

If assume that sharing means social stream, then it covers message, account information related to message section (because you can see profiles of people near the yours messages), and social steam activities. Stored locally and assigned for average 3.5th level. Talking about transit data items the protection is average 4th level (4 - system, 4 - own).

What was missed on our opinion. It doesn't mean the developers didn't mentioned it at all but in terms they describe everything we didn't find out the following items: - Work & Education information - Personalization related to your search activities First one found only in traffic and assigned for average 4th level of protection. Personalization was found in traffic and locally and assigned for 3.5th level

Thanks for staying with us, your Privacymeter Team!

#AppStore #appdata #LinkedIn #privacymeteronline #privacymeter #Privacy #privacypolicy #averageapp #iOS #leakage #mediumprotected