Possible Linkedin violation of Data Protection

I’m a happy Linkedin user and find interesting the news that Microsoft acquired it. They can make a good couple. And I think it can be a strategic partnership. The benefits will be both for the two companies and for the users.

That said, I think all companies should stay ahead of the rules, and tech giants as well, like Linkedin is.

Following the rules is not just a moral exercise, but a good way, most of the times the only one, to do good business.

But let’s get deeper into the matter. As a Tech Crunch article reported last week, Linkedin might have done a serious data protection violation recently.

In short, Linkedin would have ammitted to have misused up to something like 18 million email addresses. Users who were not already members of it, in a way that is not transparent.

The details were revealed by the Data Protection Commissioner of Ireland which is in charge of checking “Linkedin Ireland”. The Data Controller.

The Data Controller is an organization internal or external to the company which is responsible for Data Protection. He must report to the GDPR’s commissioners. Read the GDPR regulation for further details.

And here “not transparent” means: “with the absence of instruction from the Data Controller”.

What happened, what could happen next

According to the Irish DPC, Linkedin used these 18 million users’ emails in a hashed form, for targeted advertisements on the Facebook platform. Linkedin ceased this practice as a result of the DPC’s investigation.

In all this incident, the DPC did not fine Linkedin. This is because prior to this year’s May, the Data Protection Commissioner had no statutory power to impose fines under the Data Protection Acts 1988 and 2003.

That is why, we suppose, LinkedIn, Facebook and others as a result of GDPR coming into effect, moved data processing form Ireland to the US.

But the first thing we wanna know is: how did Linkedin get hold of those 18 million email addresses?

If you can’t think of it, it might be by that functionality that allows the social network to search into your email address book, if you give access to it.

Maybe that kind of emails addresses are taken by the Linkedin App when you install it and give access to your phone address book. But who really knows?

What is more controversial though, and funny, is the way that Linkedin suggests possible connections to you. It is not clear the way that its algorithm can calculate possible users to connect with, based only on your likes, preferences and other connections.

In my personal experience those suggestions nearly never worked. It’s up to you to give them a try, but be careful, you can be flagged if you overdo it.

Did you like this post? Please share it on your preferred social network, thank you!