LinkedIn has around 600 million users worldwide and that is apparently not enough for the corporate social media platform. The company is doing everything it can to get that number up. It appears that LinkedIn, even before the GDPR was in force here in Europe, bought some 18 million e-mail addresses in order to send targeted Facebook advertisements. A downright infringement of the rules on data protection in other words.
The practices came to light after a report appeared on Friday drafted by the Data Protection Commissioner of Ireland, where it was written about a study conducted on the advertising practices of LinkedIn, after a user complained about this.
During the research, LinkedIn announced that it used approximately 18 million e-mail addresses without the correct permissions. A practice that LinkedIn has stopped in the meantime, as a direct result of the research. Furthermore, it was also known that the company used a special algorithm to propose relevant networks to users, so it would be easier for them to find other professionals.
In order to make up for these breaches, LinkedIn had to delete all personal data that was used in this way before the start of GDPR. The company also apologized publicly. Fines do not come, because these offences date from before the start of GDPR on May 25 and there is, therefore, no legal framework to write these out.
Where the 18 million addresses came from is also unclear and is not explained in the report, but it is quite possible that Microsoft has something in between as owner of the platform.