This is a decision that LinkedIn would have done well without. The professional social network has just received a fine of 310 million euros this Thursday, October 24 for having violated the European data protection regulation (GDPR) in terms of targeted advertising.
A six-year-old affair
The judgment was handed down by the Irish Data Protection Commission (DPC), acting as an intermediary for the European Union. The authority now requires that the Microsoft platform bring its data processing into compliance with legislation within the next three months.
This verdict follows a complaint filed in 2018 by the French association for the defense and promotion of rights and freedoms on the Internet, Quadrature du Net. It brought together 12,000 people for the occasion and also denounced companies such as Google, Apple, Facebook and Amazon.
The tricolor organization requested in particular “the ban on behavioral analysis and advertising targeting processing” and targeted certain problematic clauses and configurations.
Commenting on the decision, Assistant Data Protection Commissioner, Mr Graham Doyle, explained:
The lawfulness of processing is a fundamental aspect of data protection law. The processing of personal data without an appropriate legal basis constitutes a clear and serious violation of the data subject’s fundamental right to data protection.
When questioned, LinkedIn did not fail to react. Quoted by Techcrunchthe social network thus underlines:
Today, the Irish Data Protection Commission (DPC) made a final decision on 2018 complaints regarding some of our digital advertising efforts in the EU. Although we believe we have been in compliance with the General Data Protection Regulation (GDPR), we are working to ensure that our advertising practices comply with this decision before the deadline set by the DPC.
In any case, this is a relatively significant sanction which places the platform in the top 10 of the largest GDPR sanctions against large technology companies. It is also the largest fine received by the social network since its creation.
The GDPR hits the GAFAM portfolio
According to a study by the company NordLayer, parent company of NordVPN concerning the application of the GDPR, this regulation resulted in more than 2000 sanctions. As of March 2024, the total fines imposed exceeded 4.5 billion euros. Among the companies that have suffered the most are well-known web giants such as Meta and Google. More information here.
