LinkedIn has been paid €310 million in the EU after the Irish Data Protection Commission (DPC) determined it had improperly analyzed the behavior of members’ personal data for targeted advertising. He faces a fine of $34 million. The ruling found that LinkedIn did not obtain appropriate consent, demonstrate a legitimate interest, or demonstrate a contractual need to process the data it and third parties collected. By doing so, they claim that they have violated the GDPR.
The DPC also reprimanded LinkedIn and ordered it to collect all data in a compliant manner. “The lawfulness of processing is a fundamental aspect of data protection law, and the processing of personal data without an adequate legal basis is a clear and serious violation of the data subject’s fundamental right to data protection.” DPC Deputy Commissioner Graham Doyle said.
The decision stems from a 2018 complaint by French nonprofit La Quadrature Du Net and an initial investigation into whether LinkedIn processed users’ personal data lawfully, fairly and transparently. There is. The matter was initially raised with the French Data Protection Authority, but as LinkedIn’s European presence is in Ireland, it was forwarded to the DPC.
