Privacy and data protection seem to be the last thing that you would think about when reaching out to a peer group. You’ll be exchanging ideas about issues as divergent as architecture and engineering or public relations and aquiculture. But LinkedIn seems to have other ideas – it’s not about the discourse – it’s all about the data.
When it was established, LinkedIn provided a service for professionals and business owners to reach out and interact with each other. But then, as the relationship with Microsoft, which began in June at a purchase price of $26.2 billion was initiated, things got a bit (to use one of Facebooks status allowances) ‘complicated’.
So, things got a bit complicated for LinkedIn when it was accused of gathering 18 million email addresses of non-users and using those addresses for targeted Facebook advertising. Where those addresses came from is still to be determined – but the fact of the matter is that LinkedIn, a trusted business network jumped on the bandwagon of data mining. And the Irish regulators got a bit irate – and rightly so.
The addresses were uploaded to Facebook in a “hashed” or coded form so Facebook could deliver ads to LinkedIn’s intended targets.
The Irish complaint
So how did LinkedIn step over the green and clover lined field of data protection?
It’s fairly simple – they fell into the trap of making money from individual and specific information.
LinkedIn processed 18 million email addresses and then used them for targeted Facebook advertising. All without any permission by the owners of those addresses. or those whose email addresses were being used, both of those issues are problematic to say the least.
The Irish Data Protection Commissioner found that that there were ‘systemic’ issues with the way that LinkedIn was processing personal data.
Not only was there no indication as to how LinkedIn had obtained that information but the way they used the data was problematic in the extreme.
A LinkedIn non-member complained that he was being targeted with Facebook advertising, claiming that his email address had been used by the company to target him. It was not long until others began to pile in.
To add to Facebook’s current woes around data privacy now this new salvo was fired at the Microsoft owned LinkedIn and Facebook advertising.
The commissioner’s report said LinkedIn in the US ‘had targeted the 18 million users on Facebook in the absence of instructions from LinkedIn in Ireland, which was the data controller.’ The Irish authorities issued this statement.
“The complaint was ultimately amicably resolved, with LinkedIn implementing a number of immediate actions to cease the processing of user data for the purposes that gave rise to the complaint,” the commissioner said.
However, following on from this complaint, the DPC said it was concerned with the “wider systemic” issues identified and it commenced an audit to verify that LinkedIn had appropriate security measures in place, particularly for its processing of data about non-members.
“The audit identified that LinkedIn Corp was undertaking the pre-computation of a suggested professional network for non-LinkedIn members,” the report said.
“As a result of the findings of our audit, LinkedIn Corp was instructed by LinkedIn Ireland, as data controller of EU user data, to cease pre-compute processing and to delete all personal data associated with such processing prior to May 25th, 2018.”
LinkedIn apologized and said that the company would do more to police their activities.
In other words – you get away without even a slap on the wrist.
It does not take anyone with even two brain cells that knock together to see what is going on. Microsoft, Facebook, you are mining. So is any organization that wants clients. Those businesses all do the same – if they can take a byte (of data) about clients they will.
Irish #privacy regulators got a bit irate – and rightly so with LinkedIn's use of 18M email addresses for targeted Facebook advertising. Click to Tweet
Business or personal, pull up a keyboard and your data will be gathered. The frightening thing is it is now being swapped between what increasingly seems to be a conglomerate. Is big data invasion and cross-selling our data now a thing?