A recent investigation has unveiled that LinkedIn, the prominent professional networking platform owned by Microsoft, is covertly scanning users’ browsers for installed extensions without their knowledge. This activity, discovered by the advocacy group Fairlinked e.V. under the campaign ‘BrowserGate,’ has raised significant privacy concerns among LinkedIn’s one billion users.
Uncovering the Hidden Code
The investigation revealed that LinkedIn’s JavaScript code silently scans for browser extensions every time a user accesses the site via Chrome-based browsers. This process, which identifies extensions by attempting to access certain files, operates without any visible signs to the user. The information collected is then encrypted and sent back to LinkedIn’s servers, as well as to external entities.
Implications of Covert Scanning
A significant aspect of this hidden surveillance is its potential impact on user privacy. As LinkedIn profiles are linked to real identities and workplaces, the data gathered provides detailed insights into users’ software preferences. This includes extensions related to job searches, religious beliefs, political views, and more. Such data, categorized as Special Category Data under GDPR, should not be processed without explicit consent, which LinkedIn currently lacks.
Wider Surveillance Network
Beyond LinkedIn’s servers, the BrowserGate investigation highlighted additional tracking elements from HUMAN Security, a cybersecurity firm known for its technology embedded in numerous websites. This element, along with scripts from LinkedIn and Google, collects data to create comprehensive device profiles of users, all without disclosure or consent.
LinkedIn has reportedly utilized this data to target users of competing services, even expanding its scan list from 461 products in 2024 to over 6,000 by early 2026. Legal actions are being considered as the practice is deemed illegal across various jurisdictions.
Steps for User Protection
Concerned users can take several measures to safeguard their privacy: utilizing Firefox or Safari for LinkedIn access, creating a dedicated Chrome profile with no extensions, or employing the Brave browser with fingerprinting protection. Additionally, users can review their browser extensions against BrowserGate’s public database.
As legal proceedings develop, LinkedIn users on Chromium browsers remain subject to this ongoing surveillance. Stay informed by following updates on Google News and other platforms.
