The Irish Data Protection Commission Slaps LinkedIn with Record Breaking Fine
LinkedIn, the popular professional networking platform, is now facing a staggering €310m ($336m) fine from the Irish Data Protection Commission (DPC) for breaching the EU’s General Data Protection Regulation (GDPR). This hefty penalty is a result of the company’s questionable advertising practices that have been under scrutiny since 2018.
The incident was triggered by a complaint filed by a French non-profit organization, La Quadrature Du Net, which led to an investigation by the French data protection authority (CNIL). The inquiry focused on the way LinkedIn processed users’ personal data for behavioral analysis and targeted advertising, raising concerns about privacy and transparency.
The DPC, acting as the lead supervisory authority for LinkedIn in the EU, determined that the company was violating several key aspects of GDPR, including the requirement to obtain explicit user consent for processing third-party data, ensuring legitimate interests for first-party data processing, and collecting personal data in a fair manner.
In response, the DPC issued a groundbreaking fine of €310m along with a reprimand and an order for LinkedIn to rectify its data processing practices to comply with GDPR regulations. While LinkedIn has acknowledged the decision, it remains unclear if the company will challenge the penalty.
LinkedIn stated, “Today the Irish DPC reached a final decision on claims from 2018 about some of our digital advertising efforts in the EU. While we believe we have been in compliance with the GDPR, we are working to ensure our ad practices meet this decision by the DPC’s deadline.”
For more information on data protection regulations and privacy violations, read more here.