LinkedIn scans for 6,278 extensions and encrypts the results into every request
5 hours ago
- #Browser Fingerprinting
- #Privacy Violation
- #LinkedIn Surveillance
- LinkedIn scans for up to 6,278 browser extensions in Chrome to detect user software without consent, linking this data to verified professional identities.
- This extension scanning, part of a larger fingerprinting system called APFC or DNA, collects detailed browser and device characteristics, including canvas fingerprint, WebGL, and installed fonts.
- The data is encrypted and sent to LinkedIn's servers, enriching user profiles with personal inferences like job searches, political or religious affiliations, and disability accommodations.
- LinkedIn's practices are not disclosed in their privacy policy, and users face enforcement actions based on installed extensions, such as being flagged for job searching.
- The scanning enables cross-platform data stitching, allowing LinkedIn to merge behavioral data from third parties with professional identities, amplifying surveillance across the web.
- A criminal investigation is underway by the Bavarian Central Cybercrime Prosecution Office, citing potential violations of the EU's Digital Markets Act against covert tool detection and user targeting.
- The fingerprinting ecosystem extends beyond LinkedIn, facilitating the modern surveillance economy by connecting profiles from different platforms without user knowledge.