"LinkedIn users who sign up to get their identity and credentials "verified" online are unwittingly routing their personal data to a third-party company that lurks in the background to accumulate and share that information with parties ranging from government and consumer credit agencies to utility companies and mobile network providers. The clandestine process was exposed last week by a Zurich-based Mastodon user who calls himself "rogi" and writes about "surveillance capitalism" on a blog dubbed The Local Stack."
""I wanted the blue checkmark on LinkedIn," explained rogi, who builds privacy-first tools and offers data protection advice. "The one that says 'this person is real.'" Following LinkedIn's step-by-step guide to getting verified, rogi said he scanned his passport, took a selfie, and within three minutes was awarded the site's signature blue checkmark. "Then I did what apparently nobody does," he said. "I went and read the privacy policy and terms of service"-only to discover those 34 pages of disclosures didn't stem from LinkedIn."
LinkedIn routes verification applicants through Persona Identities, a third-party verification platform that collects and processes personal data. Persona extracts names, addresses, birthdays, contact details, facial geometry from photos, precise geographic location, and behavioral biometrics such as hesitation detection and input method. Persona's platform is used by businesses to fight fraud, meet compliance requirements, and manage onboarding. Persona accumulates and shares collected data with parties including government agencies, consumer credit agencies, utility companies, and mobile network providers. The verification flow and Persona's 34-page privacy disclosures are presented to users during the process, often without users recognizing Persona's role.
Read at Inc
Unable to calculate read time
Collection
[
|
...
]