LinkedIn fined 310 million euros by Data Protection Commission
The inquiry was launched by Ireland’s Data Protection Commission, in its role as the lead supervisory authority for LinkedIn.
Your support helps us to tell the story
This election is still a dead heat, according to most polls. In a fight with such wafer-thin margins, we need reporters on the ground talking to the people Trump and Harris are courting. Your support allows us to keep sending journalists to the story.
The Independent is trusted by 27 million Americans from across the entire political spectrum every month. Unlike many other quality news outlets, we choose not to lock you out of our reporting and analysis with paywalls. But quality journalism must still be paid for.
Help us keep bring these critical stories to light. Your support makes all the difference.
Ireland’s data watchdog has fined networking site LinkedIn 310 million euros and ordered it to bring its data processing into compliance with EU law following a probe into how it deals with users’ data.
The Data Protection Commission (DPC) said it concerns the lawfulness and transparency of LinkedIn’s processing of personal data for targeted advertising and behavioural analysis.
The inquiry was launched by the DPC, in its role as the lead supervisory authority for LinkedIn, following a complaint initially made to the French Data Protection Authority.
The inquiry examined LinkedIn’s processing of personal data for the purposes of behavioural analysis and targeted advertising of users who have created LinkedIn profiles.
The decision, which was made by the Commissioners for Data Protection Dr Des Hogan and Dale Sunderland and notified to LinkedIn on October 22, concerns the lawfulness, fairness and transparency of this processing.
The decision includes a reprimand, an order for LinkedIn to bring its processing into compliance, and administrative fines totalling 310 million euros.
In a statement, the DPC said that it submitted a draft decision to the European GDPR co-operation mechanism in July, as required under Article 60 of the regulation.
“No objections to the DPC’s draft decision were raised. The DPC is grateful for the co-operation and assistance of its peer EU/EEA supervisory authorities in this case,” it added.
We are working to ensure our ad practices meet this decision by the IDPC's deadline
The DPC said the processing of personal data should be lawful, but that the consent obtained by LinkedIn by its users was not freely given, sufficiently informed or specific, or unambiguous.
DPC deputy commissioner Graham Doyle said: “The lawfulness of processing is a fundamental aspect of data protection law and the processing of personal data without an appropriate legal basis is a clear and serious violation of a data subject’s fundamental right to data protection.”
The DPC said it will publish the full decision and further related information in due course.
A LinkedIn spokesperson said: “Today the Irish Data Protection Commission (IDPC) reached a final decision on claims from 2018 about some of our digital advertising efforts in the EU.
“While we believe we have been in compliance with the General Data Protection Regulation (GDPR), we are working to ensure our ad practices meet this decision by the IDPC’s deadline.”