An investigation reveals business and employment-oriented service Linkedin has reportedly targeted non-LinkedIn members on Facebook, without any permission reported the New Indian Express.
A report by the Data Protection Commission of Ireland, which conducted the investigation, has found Linkedin targeting 18 million non-LinkedIn members, using hashed email addresses.
According to the Verge, the investigation had covered movements of the professional networking platform, which is owned by Microsoft, for the first six months of 2018.
The DPC published its report on Friday, concluding the audit of LinkedIn Ireland Unlimited Company. The audit was conducted in respect of LinkedIn’s processing of personal data after a non-LinkedIn user had notified the DPC. The user had complained LinkedIn obtaining and using his email id for targeted advertising on Facebook.
The United States LinkedIn Corporation did not have any permission of the data controller - LinkedIn Ireland, which was required to process hashed email addresses of 18 million non-LinkedIn members, the investigation revealed.
While it is still unclear how LinkedIn was able to get those 18 million email addresses, the DPC, in the report said the complaint was finally "amicably resolved" after LinkedIn implemented many actions to stop the processing of user data which gave rise to the claim.
The body is still "concerned with the wider systemic issues identified" and has undertaken a second audit to deduce whether Linkedin has adequate "technical security and organisational measures."
DPC made sure Linkedin ordered the site to stop and delete all the associated data before May 25, 2018, when the General Data Protection Regulation (GDPR) had come into effect. TechCrunch had pointed out LinkedIn was not fined since, until the implementation of GDPR, the regulator did not have the authority to impose fines.