Love it, the article referring to a statement by a LinkedIn spokesperson: "The first part of that statement is false, as you can see from the screenshot above. Given the obvious untrustworthiness of that half of the statement, we didn't bother wasting any time trying to evaluate the second part."
Oh I LOVE this, we can't have enough of these privacy-focused non-profits making tech companies' lives difficult. They have such a strong argument here, too. I can imagine that whoever came up with this is very pleased with theirselves, and rightfully so.
Dating apps do this too; one of the major selling points of Tinder's premium plan is that you can see who swiped right on you.
They're not at as much of a risk though, as it's much more difficult to begin a chat with a Tinder user than it is on Linked In. Knowing the profile ID or whatever won't help you, if you can't open their profile in-app and swipe right on it, you can't begin a conversation.
I'm not a fan of how LinkedIn operates ... or the culture there in general.
At the same time I wonder what happens when users realize everything they look at is now more visible than ever? People just make fake accounts for browsing?
Maybe it should be that way, but there's an interesting dynamic to "what you look at (even if not a full picture) is visible to some people".
I think SaaS pricing model has long been abusive. So, you have a platform, which takes real money to build and maintain. But then you build features on top of that platform, where some features are build-once and require not a lot of maintenance and no additional expenses - the code is just sitting there doing the stuff. Then you request additional money for that feature, which is effectively free for you.
Unlike physical goods where a higher price reflects higher production cost, SaaS companies have to engineer scarcity into a product that is naturally abundant.
In this LinkedIn example, they already collect the profile visitors for everyone. Instead, they spent additional engineering resources building the restriction layer and then charge the users to undo the sabotage.
LinkedIn shared a public profile a user filled out for the purposes of sharing.
Someone viewed the profile.
How exactly is it “personal data” who viewed the profile?
If I put my resume on my website, is my ISP required to tell me who visited my website? (The logs give technical data, but not the name of the person viewing.)
Not sure I follow the logic. The list of profiles I visit feels like it’s my data, not the owners of target profile. By that logic can I GDPR chrome for the browsing history of anyone who has visited my site? IANAL but I thought GDPR is about getting a copy of your data, not others.
Noyb basically built a logic trap linkedin can't squirm out of: either selling the visitor list to premium users is illegal or handing it over for free under article 15 is mandatory - pick one
I don't quite get the "GDPR requires you to share with someone the personal details of people who happened to visit a webpage that you setup on a free website" angle here. I don't get how that's your data and not the data of the people who visited the page?
That seems to violate the GDPR more than the current state, no? If I accidentally click on your profile you're entitled to my name and employer and that's your data now? Makes no sense, other than from a "GDPR good, US tech bad!" angle, I guess.
LinkedIn profile visitor lists belong to the people, says Noyb
(theregister.com)221 points by robin_reala 7 May 2026 | 131 comments
Comments
> LinkedIn rejected the request on the grounds that protecting that data took precedence.
Guess that implies that paying takes precedence on data protection
They're not at as much of a risk though, as it's much more difficult to begin a chat with a Tinder user than it is on Linked In. Knowing the profile ID or whatever won't help you, if you can't open their profile in-app and swipe right on it, you can't begin a conversation.
At the same time I wonder what happens when users realize everything they look at is now more visible than ever? People just make fake accounts for browsing?
Maybe it should be that way, but there's an interesting dynamic to "what you look at (even if not a full picture) is visible to some people".
Unlike physical goods where a higher price reflects higher production cost, SaaS companies have to engineer scarcity into a product that is naturally abundant.
In this LinkedIn example, they already collect the profile visitors for everyone. Instead, they spent additional engineering resources building the restriction layer and then charge the users to undo the sabotage.
LinkedIn shared a public profile a user filled out for the purposes of sharing.
Someone viewed the profile.
How exactly is it “personal data” who viewed the profile?
If I put my resume on my website, is my ISP required to tell me who visited my website? (The logs give technical data, but not the name of the person viewing.)
That seems to violate the GDPR more than the current state, no? If I accidentally click on your profile you're entitled to my name and employer and that's your data now? Makes no sense, other than from a "GDPR good, US tech bad!" angle, I guess.
Linkedin is the best thing what happened for phishing since 4ever.
If you have a profile there, you're already lost. They gather your data and even network layout if you just open linkedin.