The Irish Data Protection Commission (DPC) has fined LinkedIn €310m for violating the EU’s General Data Protection Regulation (GDPR) by failing to inform users how their data was being used for behavioral analysis and targeted advertising. The DPC found that LinkedIn did not obtain valid consent from users and that its interests were prioritized over users’ fundamental rights and freedoms. In addition to the hefty fine, LinkedIn received a formal reprimand and must ensure full compliance with GDPR regulations. This case originated from a complaint filed in 2018 by a French digital rights organization, which was referred to Ireland where LinkedIn’s European headquarters are located. This marks the sixth significant fine issued for GDPR breaches, with the largest being a €1.55 billion penalty imposed on Meta in 2023. Deputy Commissioner Graham Doyle emphasized the importance of processing personal data lawfully, stating that processing without a legal basis is a serious violation of data subjects’ fundamental right to data protection. The fine serves as a reminder to companies to prioritize user privacy and adhere to GDPR regulations to avoid costly penalties.
Source
Photo credit www.euronews.com