LinkedIn has been fined €310 million ($335 million) by European Union regulators for violating the General Data Protection Regulation (GDPR). The penalty, announced on October 24, comes after an investigation revealed serious concerns about the company’s handling of personal data for advertising purposes.
Investigation Findings
Ireland’s Data Protection Commission (DPC), which serves as LinkedIn’s lead privacy regulator in the EU, investigated a French Data Protection Authority complaint. The investigation uncovered that LinkedIn lacked a lawful basis for collecting and processing user data for targeted advertising purposes, constituting a clear breach of GDPR regulations.
Regulatory Response
The DPC’s decision includes three key components:
- A substantial fine of €310 million
- A formal reprimand
- An order requiring LinkedIn to bring its data processing practices into compliance
The investigation specifically focused on how LinkedIn processes personal data for behavioral analysis and targeted advertising of its members who have created profiles on the platform.
LinkedIn’s Position
In response to the ruling, LinkedIn has maintained its belief that it was operating within compliance parameters. However, the company is willing to work with regulators to ensure its advertising practices align with GDPR requirements.
