惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

IT之家
IT之家
NISL@THU
NISL@THU
The Hacker News
The Hacker News
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Tenable Blog
Forbes - Security
Forbes - Security
V2EX - 技术
V2EX - 技术
Webroot Blog
Webroot Blog
Schneier on Security
Schneier on Security
T
The Exploit Database - CXSecurity.com
T
Tor Project blog
C
Cisco Blogs
TaoSecurity Blog
TaoSecurity Blog
The Last Watchdog
The Last Watchdog
PCI Perspectives
PCI Perspectives
O
OpenAI News
C
Cyber Attacks, Cyber Crime and Cyber Security
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Google Online Security Blog
Google Online Security Blog
宝玉的分享
宝玉的分享
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
量子位
D
Docker
AI
AI
Blog — PlanetScale
Blog — PlanetScale
S
Security @ Cisco Blogs
S
Schneier on Security
The GitHub Blog
The GitHub Blog
W
WeLiveSecurity
云风的 BLOG
云风的 BLOG
M
MIT News - Artificial intelligence
P
Privacy International News Feed
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
H
Hackread – Cybersecurity News, Data Breaches, AI and More
B
Blog
C
Check Point Blog
A
About on SuperTechFans
D
Darknet – Hacking Tools, Hacker News & Cyber Security
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Engineering at Meta
Engineering at Meta
I
InfoQ
T
Threat Research - Cisco Blogs
Project Zero
Project Zero
Cloudbric
Cloudbric
MongoDB | Blog
MongoDB | Blog
Cisco Talos Blog
Cisco Talos Blog
L
Lohrmann on Cybersecurity
S
Securelist

The Register - Offbeat: Legal

China makes it illegal to fire humans if AI takes their jobs Databricks fails to shake authors' copyright claim Cloudera allegedly overlooked US job candidates: DoJ Australia threatens tech companies with 2.25 percent tax China blocks Meta's acquisition of AI outfit Manus Scotland Yard can keep using live facial recognition on Londoners, say judges UK tribunal sends £2B claim accusing Microsoft of overcharging for licensing to trial Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords Americans behind Nork IT fraud sentenced to 200 months Indian government investigating TCS after police sting French cops free mother and son after crypto kidnapping EFF: California 3D printer bill threatens digital freedoms IBM pays up under Trump administration's diversity blitz OpenAI CEO Sam Altman home attack suspect charged AI vs the cold hard reality of the legal profession Big Tech has not enforced Australia’s social media ban Big Tech has not enforced Australia’s social media ban China's not thrilled AI experts want to leave the country China's not thrilled AI experts want to leave the country JLR cyber bailout risks dangerous precedent, watchdog warns Patel dodges question about FBI buying location data Patel dodges question about FBI buying location data ChatGPT advised exec on firing Subnautica founders: court Japan to allow ‘proactive cyber-defense’ from October 1st FSF urges AI vendors to liberate LLMs Age verification isn't sage verification when it's inside operating systems India tests whether AI can stop trains hitting elephants Perplexity Comet hurtling toward Amazon ban Lenovo, Nintendo sue US government seeking tariff refunds Google embraces third party app stores and payments OpenA says Pentagon set ‘scary precedent’ binning Anthropic China floats conspiracies about US crypto lawsuits Microsoft 'cooperating' with Japanese antitrust probe Anthropic misanthropic toward China's AI labs Americans sue Homeland Security over 'illegal' surveillance SerpApi asks court to dismiss Google web scraping lawsuit Qualcomm set to triumph in UK smartphone ‘patent tax’ case GPT-5 bests human judges in legal smack down Starlink speeds past terrestrial networks – and regulators Indian police commissioner wants ID cards for AI agents Rail workers accused of using ChatGPT for legal help Ghost gun legislation casts shadow over 3D printing UK to probe xAI over its revolting robo-smut generator UK to probe xAI over its revolting robo-smut generator Ex-Google engineer convicted of stealing AI secrets Ex-Google engineer convicted of stealing AI secrets Nudify app proliferation shows naked ambition of Apple and Google Nudify apps get past Google, Apple app moderation European Commission opens new investigation into X's Grok Meta probed over WhatsApp data disclosure Surrender as a service: Microsoft unlocks BitLocker for feds Oracle, Michael Dell, invest in JV to run TikTok USA UK gambling czar says Meta turns blind eye to illegal ads Akamai CEO wants help to defeat piracy, reckons he can handle edge AI alone Akamai CEO wants help to defeat piracy, can do edge AI alone Ofcom keeps X under the microscope despite Grok 'nudify' fix India demands crypto outfits geolocate customers, get a selfie to prove they’re real Tories vow to boot under-16s off social media and ban phones in schools Cloudflare CEO threatens to pull out of Italy Malaysia and Indonesia block X over deepfake smut EU vows to stand firm as US steps up attacks on tech regs X sues to protect Twitter brand Musk has been trying to kill Reddit sues Australia to escape kids social media ban Crypto-crasher Do Kwon jailed for 15 years Cloud group says EU should have blocked VMware-Broadcom Australia bans teens from social media – good luck with that Care leavers face bureaucracy and delays accessing records ICE-tracking app developer sues Trump administration Judge may force Vizio to share source code under GPL EU fines X €120M in first-ever DSA penalty payout IP lawyer's son surprises with vibe-coded IP infringement Campbell’s cans IT VP after ‘3D-printed chicken' rant TSMC lawsuit claims former exec probably leaks to Intel AI nudification site fined £55K for skipping age checks Senators propose to let users sue tech giants for harmful al Dutch turbine engineer tried to turn wind into crypto £5B Bitcoin bandit sent down for 11 years EU’s leaked GDPR, AI reforms slated by privacy activists Feds beat fraudster in $345M destroyed Bitcoin dispute Getty loses UK copyright battle against Stability AI Supermicro launches probe after staff charged with China export violations
Noyb cries foul on LinkedIn withholding profile visitor data
Brandon Vigliarolo Brandon Vigliarolo · 2026-05-06 · via The Register - Offbeat: Legal

Legal

Viva la revolución: LinkedIn profile visitor lists belong to the people, says Noyb

GDPR Article 15 doesn't care if you want to make money by selling users' data back to them

A LinkedIn feature the average non-paying user likely only glances past could end up setting a legal precedent in the EU regarding how companies treat customer data that they've processed. 

Take a look at your LinkedIn profile, if you have one, and you'll see a space where you can look at profile viewers. For premium LinkedIn users, the list of people who visit one's profile goes back 365 days and includes names, job title and employer, and an easy link to the person's profile, unless they've toggled their visibility off for privacy reasons. 

premium-linkedin-profile-viewers

What a premium LinkedIn user sees when they look at their profile viewers

Non-premium LinkedIn users, on the other hand, don't get nearly the same level of visibility on their profiles. If you don't fork over cash to LinkedIn owner Microsoft each month for the privilege, you'll just see things like "12 people found you though the homepage," or that someone with a certain job title from a certain company was scoping out your LinkedIn page. 

Clicking anything on the free user list redirects you to a LinkedIn premium signup page or search results for employees at one of the aforementioned companies.

linkedin-profile-viewers-free

What you'll see on the profile viewers screen if you don't have a paid-for LinkedIn account

One unnamed LinkedIn user refused to accept this lesser status, and approached Microsoft to exercise their GDPR Article 15 right to a copy of their personal data processed by LinkedIn. "Processed" can mean a variety of things, including something as broad as simply hosting a particular type of information. 

LinkedIn rejected the request on the grounds that protecting that data took precedence. Now the data protection warriors at EU privacy outfit Noyb ("none of your business") are getting involved.

"Selling data to its own users is a popular practice among companies," Noyb data protection lawyer Martin Baumann said of the case. "In reality, however, people have the right to receive their own data free of charge."

Take a look at the language of Article 15, and it's pretty clear: data subjects (i.e., users) have the right to a copy of any and all data concerning them that's been processed by the provider. A full list of profile visitors seemingly should fall under Article 15 data – even if it's normally reserved for paying users and presented to them in a nicer way, it should still be accessible to free users who actually request it. 

LinkedIn didn't appear to believe that it was doing anything wrong at all. In a clear denial of facts that are obviously apparent to any non-paying LinkedIn user, including the writer and both editors who worked on this story, a LinkedIn spokesperson told us, "Not only is it incorrect that only Premium members can see who has viewed their profile, but we also satisfy GDPR Article 15 by disclosing the information at issue via our Privacy Policy." The first part of that statement is false, as you can see from the screenshot above. Given the obvious untrustworthiness of that half of the statement, we didn't bother wasting any time trying to evaluate the second part.

Noyb acknowledges there's a clear bit of legal fuzz stuck in this corner of the GDPR when it comes to premium service offerings. 

"If any business processes a person's personal data, this information is generally covered by their right of access under the GDPR," Baumann told The Register. "It does not matter that the business would prefer to sell the data to the data subject or that it would be harmful for their business model if they would." 

There's only one exception in Article 15 that would give LinkedIn an out, Baumann told us, and that's the last paragraph, which says a person's right to their data can't adversely affect the rights and freedoms of others. Were LinkedIn to argue that it had to protect the identities of people who visited a data subject's profile, they could have an excuse. But not a good one, in Baumann's opinion. 

"Since LinkedIn does provide information about profile visits to paying Premium members, it cannot consider that disclosing the data would adversely affect the rights of the visitors whose data is disclosed," the Noyb lawyer explained. "Otherwise, providing this information to Premium users would be unlawful too."

What seems to be the sticking point here is where right of access begins and a company's right to make money off data they hold (data that was, ahem, supplied by users) ends. Baumann said he hopes this case can clear the legal air. 

"We expect a clarification concerning the fact that personal data that can be accessed when a user pays for it is also covered by their right of access," he explained. 

Think of it like this: LinkedIn has every right under the GDPR to take data it has about profile visitors, package it up, add analytics, and present it in its most useful form to those willing to pay the platform for such a premium service. But a masochistic user who wants to rawdog a CSV file of the same data should have the right to do that, too - and GDPR Article 15 gives it to them.

It's not just LinkedIn, either. Baumann said there are numerous other cases where similar legal clarification would be appreciated, citing the example of a bank that is unwilling to provide access to account statements in response to a GDPR request, but is happy to hand over similar data for a fee. 

"A precedent would be welcomed," Baumann said. ®