Irish authorities have fined LinkedIn €310 million for privacy violations related to its ad targeting business, a blow to the Microsoft-owned job networking platform in the European market.
According to the DPC, LinkedIn sought user consent to share their personal data with third parties for targeted ads. However, the regulator found that the consent was not “freely given, sufficiently informed, specific, or unambiguous,” falling short of the standards set by the European Union’s General Data Protection Regulation (GDPR).
The case stemmed from a complaint filed in France in 2018 by La Quadrature du Net, a digital rights watchdog. The complaint targeted LinkedIn alongside other American tech giants—Google, Apple, Facebook, and Amazon—accusing them of exploiting users’ personal data without proper consent.
The French DPC then passed the complaint to its Irish counterpart because LinkedIn, like many other Big Tech companies, has its European headquarters in Ireland. It took six years for Irish regulators to reach a final decision on the claims.
“The processing of personal data without an appropriate legal basis is a clear and serious violation of a data subject’s fundamental right to data protection,” said Graham Doyle, the Irish DPC’s deputy commissioner.
In addition to being fined, LinkedIn was given three months to bring its data processing practices into compliance.
The $335 million is lower than the $425 million charge Microsoft said it expected to take from the Irish regulator last year. Still, it marks one of the largest fines any EU authority has imposed on Big Tech under GDPR since 2018, when the regulatory regime was created to enforce some of the world’s strictest digital privacy and security rules, with hefty penalties for violations.
Recent fines reflect the EU’s growing scrutiny of American Big Tech. In September, the Irish DPC fined Meta €91 million ($101 million) for GDPR breaches, including storing user passwords in the format of human-readable plain text and failing to promptly report a data breach that took place in March 2019.
Meta’s subsidiary WhatsApp was also fined €5.5 million ($6 million) by the Irish DPC in 2023 for transparency violations, adding to the messaging app’s previous €225 million (then $266 million) fine in 2021 for similar GDPR infractions.
