The following is a Quora post answering the question, “Does LinkedIn Sell Your Info?”
This is likely to fall into a semantics question. If data is employed in the aggregate and your personally identifiable information is not disclosed, then I would argue that your information is not sold. Likewise, if you are presented an ad because your LinkedIn profile conforms with a target audience definition, your data is also not being sold.
I can’t answer for LinkedIn Recruiter, but can answer in the Sales and Marketing context.
LinkedIn offers a sales product called Sales Navigator. Users can view company and contact information on Navigator just as they can on the free service. It even supports viewing this data within third-party SNAP products. However, Navigator and SNAP are view only. Sales reps cannot download your profile or sync it with any of their partner platforms. They also restrict display of your email and phone information to your direct connects as well as other content you flag as restricted.
LinkedIn Marketing sells advertising on LinkedIn and Bing based upon your profile attributes. Advertisers define their target audience across a broad set of firmographic, career, and location variables, but these segments are not provided directly to the marketer. Instead, they are used for advertising display. Thus, your data isn’t sold, just your eyeballs.
LinkedIn treats its member’s data with respect. Microsoft, its parent company, has called for a US version of GDPR, the European data privacy standard. CEO Satya Nadella stated that “privacy is a fundamental human right” on an April 2018 earnings call and said that the firm has implemented an “end-to-end privacy architecture” which is GDPR compliant.
As part of their Q1 2019 release, LinkedIn rolled out a set of new SNAP (Sales Navigator Application Platform) partners including Altify, Drift, G2 Crowd, and Mixmax.
The Drift partnership allows sales reps to “continue website conversations” after a prospect drops off of a Drift chat: “sometimes people leave your conversation abruptly – it happens. But as an SDR, that’s a potential meeting walking out the door. So what do you do? Well now you can send a connection request or follow up message with InMail right from within Drift.”
integration also displays contact and company intelligence including shared
connections while a sales rep is chatting with a prospect visiting her website
(see image on right).
the days of toggling back and forth between LinkedIn and your ongoing sales
conversation,” said Drift Product Marketer Daniel Murphy. “Say goodbye to
awkward lags in conversations. Prospects will never again have to wait for a
response while SDRs search LinkedIn Sales Navigator or Salesforce to determine
if they’re a good fit. Now they can research a prospect’s company, see
mutual connections, and grab other insights and conversation starters – all in
gathers intent data from 24 million technology searchers. Intent data is
collected from G2 profile and category views along with competitor comparisons.
Sales reps are notified when followed accounts are researching on G2
based on contact connections, sales preferences, search histories, and profile
“People don’t buy today as a result of cold calls and emails. The power is in the hands of the buyers doing more research than ever before. As sales teams, we need to focus on accepting the modern buyer journey and connecting to the right buyers at the right time. We’ve always been aligned with LinkedIn on this vision, and this integration helps us make it a reality.”
G2 Chief Revenue Officer Matt Gorniak
SNAP integration supports InMail and Connection requests and profile views from
org-chart software now displays insights and helps users identify key buyers
across an organization.
also noted that it will be available within the Salesforce Winter 2019 release.
Salesforce admins can install the application from the Lightning Setup
Console instead of the AppExchange.
One problem that
has long dogged sales intelligence vendors is ongoing training and product
exploration. To encourage exploration, Sales Navigator added a coaching
feature to extend product knowledge. Sales Navigator Coach is a new
dashboard that “suggests actions for customers to take and links to short
learning videos.” Actions are associated with core workflows. The
videos run thirty to forty seconds.
Finally, GDPR opt-outs are being added to PointDrive presentations. PointDrive recipients will be able to revoke viewer tracking permission, effectively anonymizing their viewing data from sales reps.
While the change is pro-privacy and consistent with GDPR, TechCrunch took a negative view of the new setting.
A win for privacy on LinkedIn could be a big loss for businesses, recruiters and anyone else expecting to be able to export the email addresses of their connections.…[The new option] could prevent some spam, and protect users who didn’t realize anyone who they’re connected to could download their email address into a giant spreadsheet. But the launch of this new setting without warning or even a formal announcement could piss off users who’d invested tons of time into the professional networking site in hopes of contacting their connections outside of it…
On a social network like Facebook, barring email exports makes more sense. But on LinkedIn’s professional network, where people are purposefully connecting with those they don’t know, and where exporting has always been allowed, making the change silently seems surreptitious. Perhaps LinkedIn didn’t want to bring attention to the fact it was allowing your email address to be slurped up by anyone you’re connected with, given the current media climate of intense scrutiny regarding privacy in social tech. But trying to hide a change that’s massively impactful to businesses that rely on LinkedIn could erode the trust of its core users.
TechCrunch overstates the loss. Member control their data, not LinkedIn or LinkedIn connections. Second, there are multiple ways to reach users from within LinkedIn including InMail, messaging, and PointDrive. Unless the email is blocked on the profile, connections still have access to emails from within LinkedIn. Finally, most emails in LinkedIn are personal emails, not business emails (an issue they should address by allowing both and setting privacy and messaging rules around multiple emails), so reaching out to individuals on their emails only makes sense for friends, family, and recruiters on LinkedIn, not businesspeople networking with colleagues and clients.
While LinkedIn wasn’t transparent about the privacy change, it enhanced the privacy of its members. As such, looking for nefarious reasons for the enhancement is a reach.
Speaking at the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC), Apple CEO Tim Cook forcefully called for expanded global privacy protections akin to GDPR:
Our own information — from the everyday to the deeply personal — is being weaponized against us with military efficiency. These scraps of data, each one harmless enough on its own, are carefully assembled, synthesized, traded and sold. Taken to the extreme this process creates an enduring digital profile and lets companies know you better than you may know yourself. Your profile is a bunch of algorithms that serve up increasingly extreme content, pounding our harmless preferences into harm…
We shouldn’t sugarcoat the consequences. This is surveillance…
We should celebrate the transformative work of the European institutions tasked with the successful implementation of the GDPR. We also celebrate the new steps taken, not only here in Europe but around the world — in Singapore, Japan, Brazil, New Zealand. In many more nations regulators are asking tough questions — and crafting effective reform.
It is time for the rest of the world, including my home country, to follow your lead.
We see vividly, painfully how technology can harm, rather than help. [Some platforms] magnify our worst human tendencies… deepen divisions, incite violence and even undermine our shared sense or what is true or false.
This crisis is real. Those of us who believe in technology’s potential for good must not shrink from this moment…
They may say to you our companies can never achieve technology’s true potential if there were strengthened privacy regulations. But this notion isn’t just wrong it is destructive — technology’s potential is and always must be rooted in the faith people have in it. In the optimism and the creativity that stirs the hearts of individuals. In its promise and capacity to make the world a better place.
It’s time to face facts. We will never achieve technology’s true potential without the full faith and confidence of the people who use it.
He also warned about the dangers of AI which fails to protect privacy:
Artificial intelligence is one area I think a lot about. At its core this technology promises to learn from people individually to benefit us all. But advancing AI by collecting huge personal profiles is laziness, not efficiency.
For artificial intelligence to be truly smart it must respect human values — including privacy. If we get this wrong, the dangers are profound. We can achieve both great artificial intelligence and great privacy standards. It is not only a possibility — it is a responsibility…
Yesterday, Cook tweeted that privacy is a human right
based upon four principals:
Data Minimization – Personal data collection should be minimized or de-identified.
Transparency – Individuals have the right to know what is being collected and for what purpose.
Right to Access – “data belongs to users” with personal data available to individuals for copying, correcting, and deleting.
Right to security – “security is foundational to trust and all other privacy rights”
Last month Sales Navigator began rolling out its Q3 release. Amongst the features are a Pipeline Review and Buyers Circle (discussed last Friday), improved Search, and additional SNAP integrations.
Sales Navigator Account and Lead Search have been redesigned for speed and ease. The Account and Lead Search functions and results (see 1 below) are more prominent, offer streamlined search filters (see 2), and deliver simplified save search and alerting processes. Other enhancements include hover cards (see 3) which display company intelligence when mousing over a company name. Hover cards include a Save as Account button.
LinkedIn originally designed their mobile app to complement the desktop service but is working to make mobile a “full-featured Sales Navigator experience.” Last quarter, they focused on Account enhancements and this quarter they brought the mobile Lead experience to parity with the desktop service.
“We will continue to narrow the gap between our mobile and desktop experiences in upcoming releases, and take advantage of the unique characteristics of mobile as well.”
Doug Camplejohn, VP of Product Management at LinkedIn Sales Solutions.
LinkedIn continues to invest in its SNAP partner program. This quarter, Adobe Sign was added as a partner and three partners (Salesforce, MS Dynamics, and SalesLoft) took advantage of their version two capabilities. SFDC and MSD now broadly embed LinkedIn intelligence in Lead, Account, and Opportunity pages. Users may also send InMails from within the CRM.
The next generation SNAP integrations are modular, providing greater flexibility around where content is displayed. New modular features include InMail support and the handling of Potential Profile Matches.
LinkedIn has taken a “Switzerland approach” to its partnerships, working with both Microsoft and its competitors.
The firm reiterated its commitment to data security and GDPR compliance. “LinkedIn maintains ISO 27001 & ISO 27018 certifications, as well as a SSAE-18 certification, SOC 2 Type I report,” noted the firm in its briefing to Admins.
Finally, LinkedIn added an Ideas site to its Sales Navigator Community portal where admins can “submit, vote on, comment on and track status of ideas for how to improve Sales Navigator.”
One of the concerns raised by GDPR is fear of draconian fines, but that should not be a concern in the UK, at least for those who act in good faith. “I have no intention of changing our proportionate and pragmatic approach, said ICO Information Commissioner Liz Denham. “Hefty fines will be reserved for those organisations that persistently, deliberately, or negligently flout the law.”
And while many have complained that GDPR is a major hindrance to traditional marketing, it redirects efforts towards better targeted accounts and prospects. “B2B direct marketing is alive and well, and is explicitly envisaged in the GDPR legislation,” said Kevin Savage, Rhetorik’s Chief Revenue Officer. “You can do B2B marketing, and you should because compliance requirements are really a blessing in disguise. Relying on Legitimate Interest requires you to be more mindful and selective about the personal data you keep and use. This selectivity enables you to be more targeted in your messaging, to cut through the noise and engage prospects more effectively.”
Please find the underlying statutes for major European countries, courtesy of Rhetorik:
Yesterday, I presented a discussion of Legitimate Interest as the basis of GDPR communications. For B2B companies in the UK, the 2003 PECR (The Privacy and Electronic Communications Regulations of 2003) law is often applicable when assessing GDPR and Data Privacy:
GDPR and Data Privacy under UK PECR and Non-PECR scenarios (Source: Rhetorik)
The PECR discusses soft opt-ins for individuals, sole traders and some partnerships, but not B2B. The ICO states that “the term ‘soft opt-in’ is sometimes used to describe the rule about existing customers. The idea is that if an individual bought something from you recently, gave you their details, and did not opt out of marketing messages, they are probably happy to receive marketing from you about similar products or services even if they haven’t specifically consented. However, you must have given them a clear chance to opt out – both when you first collected their details, and in every message you send. The soft opt-in rule means you may be able to email or text your own customers, but it does not apply to prospective customers or new contacts.”
Legitimate Interest also applies to data licensing relationships and marketing partnerships. If personal data interest is maintained for a specific purpose (e.g. Technology Sales), data licensing and sharing needs to be kept within the original scope.
Legitimate Interest and Consent also apply within a company. Data maintained for one product line may not be usable for others, particularly if the firm spans multiple sectors.
The UK Direct Marketing Association published guidance on the subject of Legitimate Interest helping make sense of Article 6.1.f:
“Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.”
And Recital 47:
“The legitimate interests of a controller, including those of a controller to which the Personal Data may be disclosed, or of a third party, may provide a legal basis for processing, provided that the interests or the fundamental rights and freedoms of the data subject are not overriding, taking into consideration the reasonable expectations of data subjects based on their relationship with the controller.”
Once the basis of holding personal data is met, companies have additional conditions to meet around transparency (notification and the right to object), data minimization (Is there a legitimate interest in collecting all of the fields? How long is data retained?), and reasonable expectation (limited impact to personal and private life; ensuring data accuracy).
For individuals who opt out, firms must retain suppression lists to prevent the re-collection of personal information. The suppression list should be the minimal information required to ensure the individual is not added back into the marketing database at a later date. With B2B, the list may simply be name and email.
The GDPR also sets out expectations which are relationship specific: