LinkedIn’s data practices are being called into question following the release of a report on Friday. The report, by Ireland’s Data Protection Commissioner, covered data activity in the first 6 months of the calendar year.
Tech Crunch recently broke down the data protection report, which covered many of the past years biggest scandal (Facebook, Whats app, Yahoo). The report also revealed some of LinkedIn’s unknown data practices for the first time. In total there were two main infractions. Both of which violate data protection.
Using Emails for Targeted Ads on Facebook
It seems as if LinkedIn used over 18 million emails at their disposal to get more people to sign up for the service. Their main practice boils down to them using the emails to target ads towards the users on Facebook. This was, of course, done without permission from the “data controller”.
According to the report, the issue was cordially resolved.
“with LinkedIn implementing a number of immediate actions to cease the processing of user data for the purposes that gave rise to the complaint.”
Using Personal Information to Enhance Connection Building
Following this, the DPC dug deeper in their audit. They learned LinkedIn was using their social algorithms to create better outcomes for users looking to build their networks. LinkedIn acted swiftly and made plans to adjust their methods before May 25th (the start of GDPR).
LinkedIn gave the following response to the audit’s discovery
“Unfortunately the strong processes and procedures we have in place were not followed and for that we are sorry. We’ve taken appropriate action, and have improved the way we work to ensure that this will not happen again. During the audit, we also identified one further area where we could improve data privacy for non-members and we have voluntarily changed our practices as a result.”
It seems as if they are not only willing to cooperate, but they are going the extra mile to ease any regulators.
Now that GDPR is in effect many would expect to witness LinkedIn fined for implementing these practices in the first place. However LinkedIn, amongst other companies, moved their data processing from Ireland to the US. Some believe that this was an act to protect themselves from any slaps on the wrist caused by GDPR, rather than only streamlining workflow.
One of the biggest questions left open is where did LinkedIn acquire the 18 million emails in the first place? The information was not disclosed in the report.
Make sure you are keeping track of the way companies handle your data. Educate yourself by tapping into the digital you at ScoresMatter.