LinkedIn gets GDPR fine of 310 million euros

Ireland’s privacy watchdog has penalized LinkedIn for violations of GDPR laws in processing personal data. The company will have to pay 310 million euros.

The Irish Data Protection Commission (DPC) confirmed the ruling with a press release. LinkedIn was sued in 2018 by a French nonprofit. Because LinkedIn’s European headquarters is in Dublin, the suit landed on the DPC’s desk. That imposed a fine of 310 million euros on LinkedIn.

DPC found multiple violations of the GDPR law by LinkedIn in the way it collects and processes user account data for personalized ads. First, it ruled that the legal basis LinkedIn relies on to use the data is invalid. LinkedIn is also insufficiently transparent to users about what happens to their data.

LinkedIn stopped short , saying, “While we believe we have complied with the GDPR, we are working to ensure that our advertising practices comply with this decision before the IDPC’s deadline.” The company will be fined and must make the necessary changes within three months.

No first offense

This is not the first time LinkedIn has come under scrutiny for not properly processing personal data. Back in 2018, DPC slammed LinkedIn for using email addresses of millions of people, who did not even have an account on the platform, to purchase ads from Facebook. Those who don’t want to hear should pay.

Nevertheless, LinkedIn does not seem to have learned its lesson yet. The company uses user data to train its AI models, and even now it is loudly questioning whether this is done in accordance with privacy laws. Test Acquisition filed a complaint against LinkedIn for this.