A new investigation published by Fairlinked e.V. has triggered major controversy around LinkedIn's data collection practices. If you have been using the platform lately for your job hunting, you need to be aware of this.
The report alleges that the platform runs a hidden system, internally referred to as "Spectroscopy," which scans users' browsers for thousands of installed extensions and builds a detailed digital fingerprint of their devices without explicit user awareness.
LinkedIn's Alleged Spectroscopy System
According to findings spotted by Bleeping Computer, a 2.7MB JavaScript bundle loads whenever users open LinkedIn in a browser. This script reportedly executes thousands of simultaneous checks to detect over 6,000 Chrome extensions. It does this by probing extension files and identifying whether they exist on a user's system.
Beyond extensions, the system allegedly gathers around 48 device attributes, including CPU cores, memory, screen resolution, language settings, timezone, and hardware details. When combined, this data forms a highly unique fingerprint that can track users even after cookies are cleared.
Data Transmission and Session Tracking Mechanism
Once collected, the information is encrypted using RSA and transmitted to LinkedIn telemetry endpoints. The fingerprint is then attached to every API request during the session, meaning it follows every search, message, and profile view made by the user.
Sensitive Extension Categories Under Scrutiny
The report claims LinkedIn's scanning list includes tools related to competitors, job-seeking activity, political interests, and even neurodivergent or religious categories.
Moreover, this raises concerns under the EU's GDPR framework, where such data may be classified as sensitive personal information requiring explicit consent.
How Did LinkedIn Respond to the Shady Scheme?
According to The Next Web, LinkedIn denies wrongdoing, stating that its system is intended to detect unauthorized scraping and protect platform integrity.
The company argues that it does not use extension data to infer sensitive user information. However, independent verification by security researchers has confirmed the scanning behavior.
Regulatory Pressure Around LinkedIn
The controversy emerges amid increased scrutiny of LinkedIn's data practices, following a €310 million GDPR fine in 2024. With more than one billion users worldwide, regulators may soon face pressure to examine whether such invisible tracking aligns with modern data protection laws.
ⓒ 2026 TECHTIMES.com All rights reserved. Do not reproduce without permission.
