Ireland’s Data Protection Commission (DPC) has issued a €310 million fine to LinkedIn for failing to comply with GDPR regulations related to how user data is processed and used for targeted advertising. The social media platform was found to have inadequately informed users about how their data was being used for behavioral analysis, and the DPC ruled that LinkedIn had not obtained valid consent from users, a key requirement under GDPR.
The DPC concluded that LinkedIn’s processing of personal data was not legally justified, as it violated users' fundamental rights to data protection. Along with the financial penalty, LinkedIn was given a formal reprimand and ordered to ensure full compliance with GDPR going forward.
The complaint against LinkedIn was initially filed in 2018 by the French digital rights group La Quadrature du Net, before being referred to Ireland, where LinkedIn’s European headquarters are located.
This penalty is among the largest issued for GDPR violations, with the largest being a €1.55 billion fine against Meta in 2023.
