LinkedIn Is Selling Your Stalker Dossier and Calling It “Networking” — Privacy Lawyers Are Pissed

You know that little spike of paranoia you get when someone visits your LinkedIn profile? That creeping, "wait—was that my ex-manager?" feeling? Yeah. Microsoft's got a whole business built on that anxiety, and a privacy watchdog just blew the whistle.

No, seriously. noyb—the Austrian privacy advocacy outfit founded by legendary GDPR warrior Max Schrems—just filed a formal complaint against LinkedIn for allegedly violating the European Union's toughest data protection law. And the smoking gun isn't some shadowy dark-web exploit. It's the one feature every LinkedIn user has used at least once: the "Who viewed your profile" tracker.

This isn't a gossip column. This is a full-blown, Brussels-grade, regulator-melting privacy scandal with a $110 billion corporate owner behind it. Let's unpack this dumpster fire.

The “Who Viewed Your Profile” Feature Is Basically a Surveillance Receipt

Here's the deal. Every time someone peeks at your LinkedIn profile, LinkedIn quietly logs that visit. Not the name—at least not upfront—but enough metadata to build a creepy little behavioral dossier over time. The problem? LinkedIn allegedly collects this data without asking you for explicit, upfront consent first.

We're talking about an opt-out model. Meaning the tracking is on by default. You only find out it exists when you dig into your account settings and flip a switch. Under the GDPR, the European gold standard for data protection, most of this kind of processing is supposed to be opt-in. You should be asked before your data gets scooped up, not after.

And it gets worse. LinkedIn stores these visit records for months. But here's the kicker—you can only see the full breakdown of who's been creeping on your profile if you pay for a Premium subscription. That's right. The raw data about your own digital footprint is a premium feature. 🔥

So How Does LinkedIn Justify This? “Protecting Other People’s Privacy.” Sure, Jan.

When a user formally requested access to their own profile visit data under Article 15 of the GDPR—which literally guarantees the right to access personal data collected about you—LinkedIn said no. Their excuse? Protecting the privacy of other users involved.

Now, noyb's lawyers are absolutely shredding this argument. If LinkedIn is so concerned about other users' privacy, why is the same data available the second someone pays for Premium? You can't have it both ways. Either the data is sensitive and shouldn't be shown at all, or it's fine to monetize it through a subscription. Pick one.

This isn't some abstract legal nerd fight. This is the difference between a platform that respects your rights and one that treats your data like a side hustle.

The 310 Million Euro Elephant in the Room

Let's set the scene. It's 2024. LinkedIn gets slapped with a 310 million euro fine by Ireland's Data Protection Commission. The crime? Behavioral advertising and shady personal data usage. Three hundred and ten. Million. Euros. That's not a parking ticket—that's a "we're going to remember this forever" fine.

And now, barely a year later, noyb is back with a fresh complaint targeting a feature that millions of professionals use every single day. Recruiters check it. Job seekers obsess over it. CEOs glance at it between meetings. It's baked into the daily workflow of European professionals, and almost nobody stopped to ask, "Hey, who else is reading this data, and are they making money off it?"

The answer, according to noyb, is a big fat yes. LinkedIn's business model essentially turns your professional social graph into a commodity. The visits are tracked, stored, and then handed back to you as a paid perk. That's not a feature. That's a data monetization play with extra steps.

Why This Actually Matters to You (Even If You Don’t Care About LinkedIn)

Here's the thing nobody talks about. The average LinkedIn user doesn't think of themselves as a "data subject." They think of themselves as a "job seeker" or a "networker." They log in, update their headline, maybe slide into a recruiter's DMs, and bounce. They don't imagine that every single profile visit is generating a data point that gets stored in some backend warehouse for months.

The simple act of visiting a profile becomes a commercial data point. Tracked. Archived. Potentially sold or used for targeting. And the user? They never clicked "I agree" to any of it. They just… existed on the platform.

This is the exact kind of scenario the GDPR was designed to prevent. And LinkedIn is walking right through the fire with a grin on its face.

The Italian Garante Is Watching Too

It's not just noyb and the Irish regulators getting involved. Italy's Garante Privacy has been pulling up its sleeves as well. Recent actions from the Italian data protection authority have begun scrutinizing practices related to harvesting professional information from LinkedIn profiles for unauthorized marketing and promotional outreach.

In plain English: companies are scraping LinkedIn profiles—job titles, industries, connections—and using that info to spam people with sales pitches. Without permission. Without consent. And the Garante is saying, "Yeah, that's not okay."

This broader crackdown across Europe signals something massive. The days of treating LinkedIn like a free-for-all contact database are numbered. Regulators are connecting the dots between aggressive commercial data use and the erosion of user trust.

How LinkedIn’s “Who Viewed Your Profile” Actually Works — A Breakdown for Humans

Okay, let's get a little nerdy for a second. I promise I'll keep it painless.

When someone visits your LinkedIn profile, the platform's servers log a hit. Think of it like a security camera at a nightclub entrance. Every person who walks in gets timestamped. The system records who (or at least the account ID), when, and how often.

Here's where it gets spicy. LinkedIn doesn't just show you "Hey, 12 people visited this week." If you have Premium, you get names, job titles, companies, and how many times each person popped by. Without Premium, you get a blurry summary—a silhouette of activity. It's intentionally vague so you'll upgrade.

Now, under the GDPR, any processing of personal data requires a legal basis. For something as invasive as tracking who looks at your profile, you generally need explicit consent (opt-in). LinkedIn's approach is to flip the switch the other way—you're tracked unless you dig through settings and opt out. That's a fundamental GDPR violation according to noyb.

And the Article 15 angle is brutal. The GDPR says you have the right to know what data a company holds about you. When a user asked LinkedIn for that data, LinkedIn said no. Then LinkedIn turns around and sells access to that same data through Premium. The legal contradiction is so obvious it practically glows in the dark.

This Isn’t Just a LinkedIn Problem — It’s Every Big Platform Problem

Zoom out for a second. LinkedIn isn't unique here. Every major platform—Meta, Google, TikTok, X—runs some version of this playbook. Collect data first, ask questions never. Wrap it in a shiny UI. Make the useful stuff a paid feature. Rinse and repeat.

The difference is that LinkedIn positions itself as a professional tool. People trust it with their careers, their résumés, their employer histories. When that trust turns out to be a data extraction pipeline, the betrayal hits different.

As the noyb complaint frames it, this is about whether users are truly aware of the data being collected during activities they consider normal and everyday. And the honest answer, for most people, is no. They're not.

The line between "useful feature" and "invasive data collection" is getting thinner every quarter. And the economic value of digital information keeps climbing. That's a dangerous cocktail.

What You Can Actually Do About This (Besides Panicking)

Actionable moves that won’t make you cry into your keyboard:

• Flip the switch. Go into LinkedIn settings right now and disable profile visit tracking if you haven't already. It's buried under "Privacy" → "How others see your LinkedIn activity." Consider this your first act of digital rebellion.
• Stop trusting the "free" tier. If the basic version of a feature is intentionally crippled to push you toward paid, ask yourself what you're actually paying for. Spoiler: it's your own data.
• Submit an Article 15 request. If you're in the EU, you have the legal right to ask LinkedIn what data they hold about you. File it. See what they give you. Then decide if you're comfortable.
• Enable 2FA on every account, including LinkedIn. Because if they're this sloppy with your visit data, your password security is probably an afterthought too.
• Read the privacy policy. I know. I KNOW. But skim it. Look for the words "tracking," "analytics," and "third-party sharing." You'll find more red flags than a bullfighting arena.
• Consider a VPN for your LinkedIn sessions. It won't stop LinkedIn from logging visits, but it adds one more layer between you and their tracking apparatus.
• Talk about this stuff. The more people know, the more pressure regulators feel. Share this post. Post about it. Make LinkedIn uncomfortable.

The Bottom Line — LinkedIn Is Playing With Fire and the GDPR Is the Fire Department

Let's be crystal clear. LinkedIn is one of the most powerful professional platforms on the planet. Millions of people rely on it for jobs, connections, and career growth. But when the company starts treating your every profile visit as a monetizable data point—collected without consent, stored for months, and locked behind a paywall—it crosses a line that the GDPR was literally written to protect against.

Max Schrems and noyb didn't file this complaint because they hate networking. They filed it because a platform the size of Microsoft is running what amounts to a paid surveillance receipt system and calling it a "professional feature." The 310 million euro fine from Ireland should've been a wake-up call. Instead, LinkedIn seems to have hit snooze.

So here's my advice. Check your settings. Know your rights. And maybe—just maybe—stop accepting that "who viewed your profile" is a casual little metric and start seeing it for what it really is: a record of your digital life being harvested, hoarded, and sold back to you one monthly subscription at a time.

If this post made you rethink how you use LinkedIn, do me a favor. Share it. Drop a comment. And for the love of all that is holy, enable two-factor authentication on every account you own. Your data is already out there. At least make someone work for it.