THE DATA PROTECTION watchdog has fined LinkedIn Ireland €310 million.
It follows an inquiry which examined LinkedIn’s processing of personal data for the purposes of behavioural analysis and targeted advertising.
The Irish Data Protection Commission (DPC) said the decision concerns the “lawfulness, fairness and transparency of this processing” of data of users who have created LinkedIn profiles.
The DPC submitted a draft decision to the GDPR cooperation mechanism in July 2024 and no objections were raised.
DPC Deputy Commissioner Graham Doyle today said that the “lawfulness of processing is a fundamental aspect of data protection law”.
He added that “the processing of personal data without an appropriate legal basis is a clear and serious violation of a data subjects’ fundamental right to data protection”.
The personal data in question encompassed first-party data provided directly to LinkedIn by its members and data obtained via its third-party partners relating to its members.
The inquiry commenced on 20 August 2018, following a complaint made by the French non-profit organisation, La Quadrature Du Net.
The complaint was initially made to the French Data Protection Authority and thereafter provided to the DPC in its role as the lead supervisory authority for LinkedIn, which acts as the controller for the processing of personal data at issue since LinkedIn’s European headquarters are in Dublin.
A spokesperson for LinkedIn today said: “While we believe we have been in compliance with GDPR, we are working to ensure our ad practices meet this decision by the DPC’s deadline.”
To embed this post, copy the code below on your site
have your say