LinkedIn has since been fined 310 million euros ($334 million) in the EU Irish Data Protection Commission (DPC) found that it was conducting improper behavioral analysis of its members’ personal data for targeted advertising. This decision alleges that LinkedIn violated the terms GDPR by not obtaining the necessary consent, demonstrating a legitimate interest or contractual necessity for the processing of the data collected by it and third parties.
DPC also announced a reprimand LinkedIn and ordered to collect all information accordingly. DPC Deputy Commissioner Graham Doyle said: “The lawfulness of processing is a key aspect of data protection law and processing personal data without an appropriate legal basis is a clear and serious breach of data subjects’ fundamental right to data protection.”
The decision stems from a 2018 complaint by French nonprofit La Quadrature Du Net and a preliminary investigation into whether LinkedIn processes its users’ personal data legally, fairly and transparently. The matter was first raised with the French Data Protection Authority and then referred to the DPC as LinkedIn’s European base is Ireland.
“LinkedIn” spokesperson shared a statement in this regard Engadget in response to the decision: “Today, the Irish Data Protection Commission (IDPC) reached a final decision on allegations related to some of our digital advertising efforts in the EU from 2018. We believe that we comply with the General Data Protection Regulation (GDPR), and we believe that our advertising practices are compliant with the IDPC’s We are working to ensure that it responds to this decision by the deadline.”
Update, October 24, 2024, 9:12 a.m. ET: This article has been updated to include a statement from LinkedIn.
