LinkedIn Faced Probe For Facebook Ads Targeting 18 Million Non-Members
The investigation covered the activities of the Microsoft-owned professional networking platform during the first six months of 2018.
LinkedIn Expands Its Document Upload Feature (Image: REUTERS/Robert Galbraith/File Photo)
An investigation by Ireland's Data Protection Commission (DPC) found that LinkedIn had processed hashed email addresses of approximately 18 million non-LinkedIn members and targeted these individuals on Facebook without necessary permission, a new report has revealed. The investigation covered the activities of the Microsoft-owned professional networking platform during the first six months of 2018, The Verge reported on Saturday.
In its report published on Friday, DPC said that it concluded its audit of LinkedIn Ireland Unlimited Company (LinkedIn) in respect of its processing of personal data following an investigation of a complaint notified to the DPC by a non-LinkedIn user. The complaint concerned LinkedIn's obtaining and use of the complainant's email address for the purpose of targeted advertising on the Facebook.
The investigation revealed that that LinkedIn Corporation in the US did not have the required permission from the data controller - LinkedIn Ireland -- to process hashed email addresses of 18 million non-LinkedIn members. The complaint was ultimately "amicably resolved", with LinkedIn implementing a number of immediate actions to cease the processing of user data for the purposes that gave rise to the complaint, DPC said in its report.
However, the body was "concerned with the wider systemic issues identified" in its report, and undertook a second audit to see if LinkedIn had adequate "technical security and organisational measures." DPC found that the site was "undertaking the pre-computation of a suggested professional network for non-LinkedIn members," and ordered them to stop and delete associated data that existed prior to May 25 of this year, the day when General Data Protection Regulation (GDPR) came into effect.
"We appreciate the DPC's 2017 investigation of a complaint about an advertising campaign and fully cooperated," Denis Kelleher, Head of Privacy, Europe, the Middle East and Africa, for LinkedIn, told TechCrunch in a statement. "Unfortunately the strong processes and procedures we have in place were not followed and for that we are sorry. We've taken appropriate action, and have improved the way we work to ensure that this will not happen again," Kelleher said.
As TechCrunch pointed out LinkedIn did not get fined in this process because until the implementation of GDPR at the end of May, the regulator had no power to enforce fines. It is still not clear how LinkedIn got hold of those 18 million email addresses.
Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.
Recommended For You
- Ira Khan Shares Adorable Pictures with Dad Aamir Khan, Calls Him Couch-Buddy
- Lilly Singh Hosting 'The Late Night Show' is the Desi Representation We've Been Waiting For
- Priyanka Chopra Admits Having a Baby With Nick Jonas is on Her 'To-Do-List'
- Xiaomi Mi TV 4X 65-inch Launched Alongside Mi TV 4X 50-inch, 4X 43-inch and 4A 40-inch
- Tamil Nadu's New EV Policy Seeks Full Road Tax Exemption for Electric Vehicles Until 2022