Ireland’s Data Protection Authority has sanctioned LinkedIn for violating the GDPR in its processing of personal data. The company has to pay 310 million euros.

The Irish Data Protection Commission (DPC) confirmed the ruling with a press release. LinkedIn was sued by a French non-profit organization in 2018. Since LinkedIn’s European headquarters are in Dublin, the complaint ended up with the DPC. It imposes a fine of 310 million euros on LinkedIn.

DPC has found several violations of the GDPR law by LinkedIn in the collection and processing of user account data for personalized advertising. First of all, it is stated that the legal basis on which LinkedIn relies for the use of the data is invalid. LinkedIn is also not sufficiently transparent to users about what happens to their data.

LinkedIn put it succinctly: “While we believe we have complied with the GDPR, we are working to ensure that our advertising practices comply with this decision until the IDPC deadline.” The company will be fined and must respond within three Make the necessary adjustments in months.

No first offense

This is not the first time that LinkedIn has been discredited for incorrectly processing personal data. DPC previously reprimanded LinkedIn in 2018 for purchasing ads from Facebook using the email addresses of millions of people who didn’t even have an account on the platform. If you don’t want to hear it, you have to pay.

However, LinkedIn doesn’t seem to have learned its lesson yet. The company uses user data to train its AI models and there are now loud questions about whether this is done in line with data protection legislation. Testaankoop filed a complaint against LinkedIn for this.

Meta record holder

The fine against LinkedIn is among the ten highest GDPR fines that have been imposed to date. With its first top ten ranking, LinkedIn takes sixth place and is in good company with Amazon, TikTok and Uber.

The undisputed record holder is Meta, which collects GDPR fines like postage stamps. Not only does Zuckerberg’s company have six of the ten highest GDPR fines, the €1.2 billion fine imposed on the company in May 2023 is also the highest to date. A title that Meta will bear proudly given its idiosyncratic interpretation of data protection laws.