top of page

Ireland data watchdog hits LinkedIn with €310 million fine

05/11/2024

Ireland’s Data Protection Commission (DPC) has hit LinkedIn with a massive €310 million fine, forcing the networking giant to overhaul its data processing practices to align with EU regulations.


This hefty fine is the result of a deep investigation into LinkedIn’s data handling, specifically how it managed users’ personal data for targeted advertising and behavioral analysis. The DPC's scrutiny revealed serious doubts about the legality, fairness, and transparency of LinkedIn’s data usage practices. This inquiry, spearheaded by the DPC in Dublin following a complaint initially raised by the French Data Protection Authority, demonstrates that even tech titans must adhere to data protection laws.


The decision, communicated by Data Protection Commissioners Dr. Des Hogan and Dale Sunderland on October 22, came with a stern reprimand and a directive for LinkedIn to overhaul its data processing. Deputy Commissioner Graham Doyle emphasized, “The lawfulness of processing is a core element of data protection law, and handling personal data without a valid legal basis is a severe breach of a person’s fundamental right to data protection.”

LinkedIn fell short on several counts, including violations of Article 6 GDPR and Article 5(1)(a) GDPR, which stress that processing must be lawful and fair. The platform’s reliance on user consent, legitimate interests, and contractual necessity as a basis for data processing was deemed inadequate under the GDPR. Additionally, LinkedIn's communication to users regarding data handling lacked the necessary transparency mandated by Articles 13 and 14 of the GDPR.


This case is a stark reminder that even global powerhouses are not beyond the reach of regulatory enforcement. The DPC has shown time and again that it’s prepared to levy substantial fines for non-compliance, as evidenced by the record-breaking €2.5 billion total fines imposed on Meta for GDPR breaches, including a €1.2 billion penalty just this year.


For businesses, large or small, this underlines a crucial point: robust cyber risk management isn’t optional—it’s essential. Investing in comprehensive cyber insurance and proactive risk management strategies should be a top priority for every risk register. Coverage like that provided by W Denis Group can be invaluable, offering protection against fines, liability, cyber-attacks, and data breaches.


W Denis Group brings a wealth of expertise in guiding businesses through complex cyber insurance landscapes, ensuring that they are prepared for and resilient against the ever-evolving threats of the digital world. 


For more information, or a quotation, please contact W Denis Europe or W Denis International:


Southern Europe and the MENA Region

Christos.Hadjisotiris@wdenis.com

LinkedIn: https://www.linkedin.com/in/christos-hadjisotiris-aa513a44/


Eastern Europe

Vida.Jarasiunaite@wdenis.eu


Western Europe &/or elsewhere worldwide

Mark.Dutton@wdenis.com

bottom of page