LinkedIn's Profile Visitor Data Access: A Call for Free Availability for All EU Users
The ongoing legal battle between the None of Your Business (NOYB) digital rights group and LinkedIn is highlighting serious conflicts between business models and European privacy regulations. The complaint, recently filed in an Austrian court, centers on whether LinkedIn’s ‘Who’s Viewed Your Profile’ feature violates the General Data Protection Regulation (GDPR), specifically Article 15, which grants individuals the right to access personal data held about them. This case isn't just another skirmish over user data; it raises fundamental questions about the ethics of monetizing access to personal information in a landscape where privacy laws are becoming more stringent.
The Legal Framework and Allegations
The crux of NOYB's argument rests on the premise that LinkedIn's monetization of profile view information puts EU users at a disadvantage. While the feature was initially launched back in 2007, it became a paid option only after GDPR implementation in 2018. This transformation does not sit well with NOYB, which contends that access to profile visitor data should be universally available, not contingent on subscription fees. They argue that by denying free users this information unless they pay for a Premium account—starting at about €30 per month—LinkedIn is effectively violating GDPR’s stipulations.
Furthermore, NOYB points out a contradiction in LinkedIn's policies. Users can request their data through a Data Subject Access Request (DSAR), but LinkedIn denies access to profile visitor data under the guise of protecting privacy. “LinkedIn is using a supposed ‘data protection interest’ as an argument to deny the right of access to data under the GDPR,” NOYB states in its press release. If accessing this data inherently breaches GDPR obligations, then it stands to reason that no one—including paying subscribers—should have that access at all.
Privacy Versus Profit
LinkedIn might defend itself by explaining that users can opt out of having their profile views made visible, allowing anonymity in profile visits. However, as NOYB points out, this creates an uneven playing field where non-subscribers are left powerless. It becomes a matter of individuals’ rights to know who is viewing their profiles versus the platform’s prerogative to generate revenue by restricting access—a model reminiscent of stratified access to information, where payment determines one's visibility into their own data.
LinkedIn’s stance is also backed by concerns regarding user privacy. A spokesperson for LinkedIn asserted, “Not only is it incorrect that only Premium members can see who has viewed their profile, but we also satisfy GDPR Article 15 by disclosing the information at issue via our Privacy Policy.” This narrative complicates the issue of consent further, raising the question of whether users are fully informed about how their data is handled.
Potential Implications
What’s at stake here goes beyond just LinkedIn. If NOYB succeeds in proving that LinkedIn's actions are in violation of GDPR, this could set a precedent for how other tech companies approach user data access, particularly those using similar monetization strategies. Legal experts suggest that a ruling against LinkedIn could force companies to rethink the ways in which they offer data access—potentially opening the floodgates for users to demand greater transparency and access at no cost.
Helen Brain, a partner at Square One Law in the UK, opines that NOYB has a compelling case but underscores that the outcome remains uncertain. “The case could tighten the grip of GDPR enforcement on tech companies generating revenue through data locking, requiring them to reassess their compliance strategies,” she cautions.
What’s Next?
As the case progresses, LinkedIn’s legal team will need to craft robust counter-arguments. If it opts to maintain its current model, they may try to stress user choice and consent as justifications for their fee-bearing structure. This could serve as a double-edged sword: if they concede ground, it may confirm the validity of NOYB’s claims and reshape how user-generated data can be commercialized in the future.
This legal standoff also serves as a wake-up call for tech companies relying on data monetization. Each firm using data as a feature for premium services should assess its compliance with GDPR and prepare for potential scrutiny, especially as user rights become more firmly entrenched in legal precedent. They must ask themselves whether they’re truly valuing user privacy or merely capitalizing on it.
In summary, the outcome of this case could influence not just LinkedIn but the broader tech industry, highlighting the need for renewed strategies that balance user rights with business objectives. If companies do not adapt, they risk facing additional challenges as consumer awareness and regulatory oversight continue to intensify.