Microsoft-owned professional social network LinkedIn faces a legal tension. As per the investigation carried out by Ireland’s Data Protection Commission(DPC), LinkedIn targeted 18 million non-LinkedIn users using Facebook ads without necessary clearance. The investigation was based on LinkedIn’s activities during the first half of 2018, a technology publication The Verge reported last weekend.
DPC, in its latest report, said that it acted on the complaint reported by a non-LinkedIn user. DPC found out in its audit about an unwarranted Facebook ad targeting by LinkedIn Ireland Unlimited company. DPC also said in its report that LinkedIn Ireland obtained the email address of 18 million non-linkedIn users for the purpose of targeted advertising through Facebook.
Targeted advertising, as its name suggests, is the method of targeting a particular group of people. Such a group can be categorised based on age, gender, browsing history and many other factors. Important question here is how did LinkedIn come into possession of such an enormous amount of personal data such as email address of 18 million non-LinkedIn users.
DPC also said in its report that LinkedIn immediately addressed the issue and took action by ceasing personal data processing, something that ultimately led to the whole issue in the first place. As per the report, LinkedIn Ireland did not have sufficient permission from LinkedIn Corporation in the US to carry out such an activity. This is what LinkedIn’s privacy head for Europe, the Middle East and Africa, Denis Kelleher, told TechCrunch in a statement:
"We appreciate the DPC's 2017 investigation of a complaint about an advertising campaign and fully cooperated. Unfortunately, the strong processes and procedures we have in place were not followed and for that we are sorry. We've taken appropriate action, and have improved the way we work to ensure that this will not happen again."
In the year 2012, LinkedIn suffered a massive security breach that eventually led to 6.5 million stolen passwords.