LinkedIn

Description

The Irish DPA (DPC) has fined LinkedIn EUR 310 million. This decision is related to an investigation following a complaint in 2018 from the French NGO 'La Quadrature Du Net'. In July 2024, the DPC issued a draft decision under the GDPR cooperation mechanism under Art. 60 GDPR, to which no objections were raised. During its investigation, the DPC found that LinkedIn had no valid legal basis for processing user data for the purposes of behavioral analysis and targeted advertising. The DPC found that LinkedIn could not rely on Art. 6 (1) a) GDPR, as the consent of the users did not appear to be freely given, informed and unambiguous. Furthermore, according to the DPC, LinkedIn could not rely on Art. 6 (1) f) GDPR, as the interests, fundamental rights and freedoms of the users outweighed the interests of LinkedIn. The DPC also ruled that LinkedIn could not rely on Article 6 (1) b) GDPR as a legal basis. Finally, the DPC also found that LinkedIn had not provided users with sufficient information about the data processing in accordance with Art. 13 (1) c) GDPR and Art. 14 (1) c) GDPR.