Not sure I follow the logic. The list of profiles I visit feels like it’s my data, not the owners of target profile. By that logic can I GDPR chrome for the browsing history of anyone who has visited my site? IANAL but I thought GDPR is about getting a copy of your data, not others.

▲

Macha 4 hours ago | parent | next [-]

The problem for linkedin is they try to simultaneously claim that it’s the visitors data and therefore they can’t disclose it at the same time as claiming its linkedin’s data so they can sell access to it

	▲	treis 43 minutes ago \| parent [-]
		They claim they don't have to disclose it not that they can't.

▲

zkmon 4 hours ago | parent | prev | next [-]

Going by that logic, they shouldn't be selling your data to their premium users. Either way, LinkedIn is on the wrong footing.

▲

nananana9 3 hours ago | parent [-]

They can spin it as "the list of profiles you visit is your data", this list they'll probably give you if requested, but in addition they're also willing to sell you others' data (the list of people who visit you).

Not precisely a nice way to put it, but it seems consistent to me.

	▲	luma 3 hours ago \| parent \| next [-]
		It falls on its face as soon as they offer to sell that data to someone else, which is exactly what they're doing. Can't have it both ways.
	▲	Ravus 3 hours ago \| parent \| prev [-]
		"personal data’ means any information relating to an identified or identifiable natural person" - GDPR article 4 Data often pertains to multiple people (trivial case: direct messages between two users); the rights of GDPR apply to your data, regardless of whether it also pertains to multiple others, subject to some restrictions to safeguard the rights of others. Those legal restrictions clearly don't apply because you could pay to obtain that access. LinkedIn would need to prove in court that the list of users who visited your profile is not your data. Additionally, your profile is undisputably your data. Per article 15 of the GDPR, you have a right to access "the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations".

▲

ajdude 4 hours ago | parent | prev | next [-]

I think it's more like if you owned a blogspot site, and you're gdpr'ing the list of users who visited your site (given Google logged every single user who visited, and associated that visit specifically with you).

Linkedin is recording every person who visits your profile and keeps that in your user records, and they are already selling it back to you. The argument is that you have a right to that data.

Linkedin is arguing that this data needs to be protected for the privacy of those visiting your profile and the argument is that if they really believed that, they wouldn't sell it back to you, compromising that privacy anyway.

▲

Hamuko 3 hours ago | parent | prev [-]

If Google approached me and offered me Chrome Premium that allows me to see the identities of everyone who has visited my site, I feel like we wouldn't be having this discussion right now.