- cross-posted to:
- privacy@lemmy.ml
- hackernews@lemmit.online
- cross-posted to:
- privacy@lemmy.ml
- hackernews@lemmit.online
The court found that LinkedIn cannot ignore “Do Not Track” signals sent by users’ browsers. These signals allow internet users to opt-out of having their online activities tracked. Despite receiving these signals, LinkedIn still announced on its website that it engages in tracking for analysis and marketing purposes. The court said this communication is misleading, as LinkedIn is legally required to respect the Do Not Track requests.
Additionally, the court banned LinkedIn from automatically making users’ profiles publicly visible when they first create an account. This “Profile Visibility” default setting published users’ information without their consent, violating data protection regulations. Users must expressly agree before their profiles can be visible to non-members.
This is civil law, not criminal. It needs to be brought to court, otherwise if everybody just quietly ignores it it can go on forever unchallenged. Which is exactly what has happened so far: technically, ignoring “do not track” is in breach of GDPR but it’s pretty hard to prove that a company does it. What’s different about this case is that LinkedIn publicly declared they ignore it, which made it an open and shut case. And now that they got the ball rolling it’s going to be easier to go after other companies.