惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

P
Proofpoint News Feed
G
Google Developers Blog
Jina AI
Jina AI
罗磊的独立博客
李成银的技术随笔
爱范儿
爱范儿
WordPress大学
WordPress大学
雷峰网
雷峰网
博客园 - Franky
V
Visual Studio Blog
Recorded Future
Recorded Future
量子位
V
V2EX
阮一峰的网络日志
阮一峰的网络日志
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
博客园_首页
F
Fox-IT International blog
Last Week in AI
Last Week in AI
人人都是产品经理
人人都是产品经理
Recent Announcements
Recent Announcements
F
Future of Privacy Forum
月光博客
月光博客
Security Latest
Security Latest
宝玉的分享
宝玉的分享
P
Privacy International News Feed
O
OpenAI News
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
L
LINUX DO - 热门话题
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Tor Project blog
小众软件
小众软件
P
Privacy & Cybersecurity Law Blog
C
Cisco Blogs
Project Zero
Project Zero
IT之家
IT之家
Y
Y Combinator Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
Microsoft Security Blog
Microsoft Security Blog
B
Blog
博客园 - 【当耐特】
The Register - Security
The Register - Security
J
Java Code Geeks
AWS News Blog
AWS News Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
博客园 - 聂微东
H
Hacker News: Front Page
Cisco Talos Blog
Cisco Talos Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 三生石上(FineUI控件)

DEV Community

What I Actually Build: AI Systems That Ship, Not Demos That Impress I Cancelled My $20 Claude Cowork Plan After a Week With OpenWork Stop Reviewing Every Line of AI Code - Build the Trust Stack Instead How To Build an Image Cropper in Browser (Simple Steps) I built a macOS disk cleaner for developers and just launched it would love feedback Membangun Kompetensi dan Relasi: Mengapa Ekosistem Kampus Itu Penting I Built an AI That Decides Which AI to Talk To — Running 24/7 From My Living Room Codex Team Usage SOP How to Actually Become a Programmer: The Hard Part Nobody Wants to Explain Building a Production-Style Multi-Tool AI Agent with Python, Flask, React & Gemini AI The Caretaker Sandbox: An Offline-First Visual Playground & Template Engine powered by Gemma 4 # Building Instagram OSINT Projects with HikerAPI Your AI can read. Gemma 4 can see The Battle of the Senior Dev: Why AI Gives You Wings But Only If You're Ready to Pilot HiDream Raw Output Failed Tried Dev-2604 VRAM Math Killed It Won with a Prompt Enhancer Instead I Finally Finished a Project I Abandoned — And GitHub Copilot Helped Me Ship It SafeSMS: On-Device Threat Detection with Gemma 4 E4B, no internet required I Built OpenKap — A Loom Alternative for Small Teams Who Just Want to Ship Gemma 4 is Here: The Dawn of Local Multimodal Reasoning Offline-First Flutter: How We Built a CRM That Manages 100K+ Leads With No Internet Memory for Agents: When Vectors Meet Graphs, Bugs Drop 4 The Rise of Production-Grade AI Infrastructure I ran my idea-validation product through its own validator. The verdict was PIVOT. We Built an Agent Commerce API. Google I/O 2026 Changed Our 3-Month Roadmap in 24 Hours. "My Partner's Memory Was Full. I Didn't Know — Until We Tried to Talk." I’m a Front End Web Developer Learning Machine Learning From Scratch Laravel Waiting Request I Built a Chrome Extension to Track How Long You Actually Spend on Each Tab Why Google Can't See Your React Breadcrumbs (And the 4-Line Fix) AI Travel Assistant Powered by Gemma 4; With Streaming, Image Input, and Visual Recommendation Cards Microsoft tried to kill the printer driver. Healthcare said no. The Blueprint Beneath the Blueprint: Designing Data Model and Choosing Its Database REST APIs vs Webhooks in Telecom Billing - Which One Actually Makes Sense? Accounting Made Simple: AI-Powered Financial Insights of Japanese Companies with Gemma 4 The append-only AST trick that makes Flutter AI chat actually smooth Designing the Future of Payments — Why XML Still Matters in the Age of APIs From Legacy to Live — Reviving XMLPayments with GitHub Copilot Two Weeks Into Learning Solana XMLPayments — The Hidden Backbone of Modern Financial Orchestration AI Agents in Practice — Read from the beginning Reviving My Gemma Agentic Framework: From Prototype to Polished Repo Smart Contracts Demand Better Infrastructure: Building on contract.dev Self-Hosted LLM Tool Calling: Forge and the Build-vs-Buy Decision ORA-00072 오류 원인과 해결 방법 완벽 가이드 OpenWA for CTOs: Self-Hosted WhatsApp Gateway Trade-Offs NotebookLM Automation With notebooklm-py: Useful, But Classify Data First Docker v29.5.x Operator Upgrade Checklist Coding-Agent Instruction Design: The CLAUDE.md File That Prevents Rework When I Finally Realized My Runtime Was Holding Me Back GnokeOps: Host Your Own AI House Party The Death of Static Rate Limiters: Why Your Java Virtual Threads Need BBR-Style Adaptive Concurrency AI Agents in Practice — Part 2: What Makes Something an Agent Stop scattering LLM SDK/API calls across your codebase. Here is the 2-file rule that fixed mine Beyond Prompts: Structuring AI Workflows for Real Frontend Engineering From an Abandoned Hackathon Project to an AI Study Workspace 🚀 Terraform with AI: Build AWS Infra (Cursor + MCP) What If AI Didn’t Need the Internet? 750,000 Chips, 140 Trillion Tokens: The Math Behind DeepSeek's Permanent Price Cut You're Renting Someone Else's Compute — And It's Costing You More Than You Think CSS :has() Selector: The Layout Trick I Wish I Knew 5 Years Ago Five Clusters. Five Lessons. One Production System. Synaptic: A Local-First AI Dev Companion That Remembers How You Think Revolutionizing Edge MedTech: Building a Sovereign Sleep Apnea Companion ("XiHan Snore Coach") with Gemma 4 HDD Eksternal Tiba-Tiba Tidak Bisa Diakses di Windows? Ini Tiga Lapis Fix-nya DMARC p=none vs p=quarantine vs p=reject: what to use and when DSA Application in Real Life: How Git Diff Works: LCS Intuition, Myers Algorithm, and Real Code Changes I solo-built a reputation layer for AI agents on NEAR — and here's what I learned I built an AI faceless video generator in 2 months — here's the stack Diffusion Language Models: How NVIDIA Nemotron-Labs Diffusion Shatters the Autoregressive Speed Ceiling llm-nano-vm v0.8.0 — deterministic FSM runtime for LLM pipelines, now with output validation and per-step timeouts From the Renaissance to the Quantum Dawn: AI, Computation, and the Next Paradigm Shift How I Built a Review Site with 800+ Articles Using AI I Built a Smart Kitchen AI with Gemma 4 That Turns Fridge Photos Into Recipes Why your vulnerability dashboard is lying to you (and how to fix it) From Abandoned Prototype to Smart AI System: Reviving Trafiq AI with GitHub Copilot Why Country/State/City Pickers Are Weirdly Hard Node.js 22 LTS — EOL Date, Support Timeline, and What Comes Next The 7-Layer Memory Architecture Behind Modern AI Agents I Imagined Hermes Agent Running an Entire Smart City — And It Changed How I See AI One backend, four products: why we bet on platform-per-brand AI's tech debt is invisible — even to AI. I solved it at the architecture layer. Why ROAS 300% Can Still Mean Losses — Gross Margin in 5 Ecommerce Verticals You Don’t Need to Try Every AI Tool to Keep Up NovelPilot: A Novel Writing Agent Powered by Gemma 4 BoxAgnts is an Out-Of-The-Box Secure AI Agent ToolBox in a WASM SandBox Gemma 4 deep dive: why a 1.5 GB model scores 37.5% on competition mathematics, how the MoE routing actually works, and which model fits your hardware. Full breakdown inside. BeeLlama v0.2.0: 164 tok/s on a 27B model, one RTX 3090 Google Just Declared the Chat-Log Interface Dead. Here's What Neural Expressive Actually Signals for Developers. ARCHITECTURE SPECIFICATION & FORMAL SYSTEM REPORT: k501-AIONARC Notes from a Hammock What's Google Antigravity 2.0 ? Here's What the Agent Harness Actually Changes for Developers. Building an E2EE Chat App in Flask - Part 3: Keeping File Uploads Safe Google's Gemini Spark. Here's What It Actually Does for Developers. Microsoft Just Shipped MCP Governance for .NET. Here's What It Actually Enforces. How I Built a Pakistan Internet Speed Test Platform at 16 How to Build a Supervisor Agent Architecture Without Frameworks I Built My Own Corner of the Internet — Here's What It Looks Like How does VuReact compile Vue 3's defineExpose() to React? Neo-VECTR's Rift Ascent Idempotency Keys: The API Safety Net You Probably Aren't Using
The Box Ticked While You Read This: LinkedIn, AI Training, and the Switch You Did Not Flip
Vivian Voss · 2026-05-23 · via DEV Community

A sunny terrace high in the Hautes-Vosges mountains, forested summits and pines behind. A young developer has turned her open laptop around to face the viewer, the way you swivel a screen to show someone across the table, and she leans in from the side, pointing at it with one finger and a playful, knowing look. The screen shows a settings page: a breadcrumb reading

Not in the Brief, Episode 04

You are, in all likelihood, reading this on LinkedIn. Somewhere in your account settings sits a switch labelled "Data for Generative AI Improvement". For most members it is on. Almost none of them turned it on. This is the fourth episode of Not in the Brief, a series about the things software does that were never in the brief: the features that arrive switched on, the clauses that appear in an update, the defaults that assume your consent because you did not object to a notice you never saw. The aim is not outrage. It is awareness: what was added, how it works, and how you check and change it on your own account.

The Feature

The setting permits LinkedIn to use your data to train generative AI models. Two kinds of model, in fact: LinkedIn's own, and those of its affiliate, Microsoft, which owns LinkedIn and runs the Azure OpenAI service the platform draws on. The data in scope is your profile information and the content you post publicly: your posts, your articles, your comments. LinkedIn states that private messages are not used. That distinction matters, and it is worth stating plainly so the rest of this piece is not misread: this is about your public content, the part of LinkedIn you intended to be seen, becoming training material. It is not about your inbox.

The Introduction

The chronology is the interesting part, because it is where the brief and the execution part company.

On 18 September 2024, an updated LinkedIn privacy policy took effect. With it, the "Data for Generative AI Improvement" toggle appeared in members' settings, already enabled. The mechanism was opt-out: your data would be used unless you went and said no. On the same day, 404 Media reported that LinkedIn had begun using member data for AI training before its terms of service had been updated to disclose it. Asked about the gap, the company said it would update the terms "shortly". A brief, one observes, is conventionally agreed before the work begins, not retrofitted to it afterwards.

Europe and the UK were, briefly, an exception. On 20 September 2024, the UK's Information Commissioner's Office issued a statement welcoming that LinkedIn had paused the processing. LinkedIn confirmed it was "not enabling training for generative AI on member data from the European Economic Area, Switzerland, and the United Kingdom, and will not provide the setting to members in those regions until further notice". For a little over a year, "until further notice" held.

Then the notice came. On 3 November 2025, LinkedIn began using data from members in the EU, the EEA, Switzerland, the UK, Canada and Hong Kong to train its content-generating AI models, having announced the change some weeks earlier. The legal basis it relies on for this is "legitimate interest", a lawful ground under the GDPR that does not require prior consent, only that the interest be balanced against the member's rights and that an objection (the opt-out) be offered. So the switch that did not exist in Europe in 2024 exists everywhere now. Wherever you are reading this, it is in your settings, and it arrived pre-flipped.

The Mechanics

Three mechanical details determine what this actually means for you.

First, the direction. The setting is on by default. You are enrolled by inaction. To leave, you must act; to stay, you need only never look. This is the defining property of an opt-out, and it is why opt-outs and opt-ins produce wildly different participation rates from identical populations: the default is the decision, for everyone who does not make one.

Second, the scope. "Legitimate interest" is a legitimate legal basis; it is not a synonym for wrongdoing. But it is, in plain terms, the ground that lets an organisation process your data because it has decided the processing is justified, subject to your right to object. It is the courteous phrasing for "we may, unless you tell us not to". The GDPR requires that the objection be easy and that it be honoured. It does not require that anyone phone you first.

Third, and most important, the opt-out is forward-only. Switching the toggle off stops your data being used for training from that point onward. It does not retract what has already been used. For members in the regions switched on this November, that means the public content you posted before the cut-off is already within scope, opt-out or not. You can close the gate, but the herd that was already through it does not come back. This is not a quirk of LinkedIn; it is the nature of training data. A model does not forget a sentence because you later asked it to.

The Risk

It is worth being precise about what the risk is and is not, because the temptation in this genre is to reach for the language of surveillance, and that language would be wrong here.

This is not a breach. Nothing was stolen. The content used is content you chose to make public, and the controlling setting is documented and reachable in three clicks. If the story were "LinkedIn read your private messages", that would be a different and far graver piece. It did not, and this is not.

The risk is about consent and expectation, which is the entire remit of this series. A member who posts publicly on a professional network has a reasonable mental model of what that means: my words are visible, searchable, quotable by humans. The model most members do not hold, because nobody asked them to form it, is: my words are training data for a commercial model owned by my platform and its parent. The opt-out is documented. The announcement, for most members, was a footnote in a policy update they did not read, because almost nobody reads them, because they are written to be agreed rather than understood.

Here is the judgment, and it is a judgment about architecture and process, not about motive: default-on with a quiet notice is not a leak, and it is not a conspiracy. It is a design choice. It treats the absence of objection as the presence of consent, and it places the entire burden of awareness on the member. That is a legitimate strategy and a defensible one in law. It is also, precisely, a thing that was not in the brief. You joined a professional network. You did not, in any meaningful sense, agree to seed a model. The brief did not change. The execution did.

How to See It

The whole point of this series is that you can check, in under a minute, and then decide for yourself. On the web:

  1. Click your photo, top right, then Settings & Privacy.
  2. Open Data Privacy.
  3. Find Data for Generative AI Improvement (on mobile it sits under the same Data Privacy heading).
  4. Read which way it points. If it is on and you would rather it were not, switch it off.

That is the entire procedure. Two notes on what the switch does and does not do. It governs both LinkedIn's own training and the sharing of your data to Microsoft for model training, so it is one toggle for both. And it is forward-only, as above: turning it off protects what you post next, not what you posted before. There is a separate, more laborious route for objecting to or requesting deletion of past processing, via LinkedIn's data-access and objection forms, if you wish to pursue it; the toggle alone does not do that.

A Note on the Other Side of the Stack

There is a quiet structural lesson underneath this one, and it is the same lesson this series keeps arriving at from different doors. The reason a default could be set for you is that you are a guest on a platform whose defaults are not yours to set. On infrastructure you run yourself, the question "what is being trained on my data" has a different and duller answer: whatever you configured, which is nothing you did not choose. A FreeBSD box in your own cupboard does not enrol you in anything overnight; its defaults change when you change them, and the changelog is the commit you can read. That is not an argument that everyone should self-host their professional identity, which would be absurd. It is only an observation that the convenience of a managed platform and the authority over its defaults are sold as a single package, and the second half of that package is the half nobody reads. The price of not running the stack is that someone else sets the switches, and occasionally ticks one on your behalf.

Coda

None of this requires villains. It requires only a default, a quiet notice, and a population that, reasonably, does not read privacy policies for entertainment. The setting is lawful, the opt-out is real, and the content involved is content you published on purpose. The single thing missing was the asking.

So this is the asking, in reverse. If you have never looked, you do not know which way your own switch points. The looking takes thirty seconds and costs nothing. The only deadline that matters already passed, quietly, for everything you posted before it. The looking simply has to begin, ideally before the next policy updates "shortly".

Read the full article on vivianvoss.net →

By Vivian Voss, System Architect and Software Developer. Follow me on LinkedIn for daily technical writing.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。