I ended up deciding that I was getting no value from the account, and I heard unpleasant things about the company, so I deleted the account.
Within hours I started to get spam to that unique email address.
It would be interesting to run a semi-controlled experiment to test whether this was a fluke, or if they leaked, sold, or otherwise lost control of my data. But absolutely I will not trust them with anything I want to keep private.
I do not trust LinkedIn to keep my data secure ... I believe they sold it.
But I have such low faith in the platform that I would readily believe that once they think you're not going to continue adding value, they find unpleasant ways to extract the last bit of value that they reserve only for "ex"-users.
It amazing really. If you reached out to people and asked them for the information and graph that LinkedIn maintains, most employers would fire them.
What do you mean by "intelligence platform"?
After that, I never installed it again (but too late), and I bought a second (non-smart) phone.
Confirmed 5 years later in media; https://www.bloomberg.com/news/articles/2013-09-20/linkedin-...
I'd consider that a feature that would increase trust in such a platform. These platforms require trust, right?
Because it should still be my choice as to what you do with it, which data you associate with it, and how you store it. Removing that choice is anti-privacy.
Why is that your assumption?
So, in aggregate, all 17 data leeches are getting info. They are not getting info on all you users, but different subsets hit different subsets of the "subprocessors" you use.
And there's literally no way of knowing whether or not my data hits "two" or "three" or all 17 "at the most".
> but especially your _face_ is going to be _everywhere_ on the internet. Who are we kidding here? Why would _that_ be the problem?
If you don't see this as a problem, you are a part of the problem
> If you don't see this as a problem, you are a part of the problem
I think you're misunderstanding me. I'm just saying that there are way bigger fish to fry in terms of privacy on the internet than passport data. In the end, your face is on every store's CCTV camera, your every friends phone, and every school yearbook since you were a kid. Unless you ask all of them to also delete it once they are done with it.
Was forced to verify to get access to a new account. Like, an interstitial page that forced verification before even basic access.
Brief context for that: was being granted a salesnav licence, but to my work address with no account attached to it. Plus I had an existing salesnav trial underway on main account and didn't want to give access to that work.
So I reluctantly verified with my passport (!) and got access. Then looked at all the privacy settings to try to access what I'd given, but the full export was only sign up date and one other row in a csv. I switched off all the dark pattern ad settings that were default on, then tried to recall the name of the company. Lack of time meant I haven't been able to follow up. I was deeply uncomfortable with the whole process.
So now I've requested my info and deletion via the details in the post, from the work address.
One other concern is if my verified is ever forced to be my main, I'll be screwed for contacts and years of connections. So I'll try to shut it down soon when I'm sure we're done at work. But tbh I don't think the issues will end there either.
Why do these services have to suck so much. Why does money confer such power instead of goodwill, integrity and trust/trustless systems. Things have to change. Or, just stay off the grid. But that shouldn't have to be the choice. Where are the decentralised services. I'm increasingly serious about this.
I'm forced to verify to access my existing account.
I cannot delete it, nor opt out of 'being used for AI content' without first handing them over even more information I'm sure will be used for completely benign purposes.
Kids in Oz were getting around social media age restrictions by holding up celeb photos. I doubt that'll work in this case, but I'd be tempted to start thinking of ways to circumvent.
At the risk of losing the account, it's a very bad situation they are forcing people into.
I understand, and even agree, that how this is being handled has some pretty creepy aspects. But one thing missing from the comments I see here and elsewhere is: How else should verification be handled? We have a real problem with AI/bots online these days, trust will be at a premium. How can we try to assure it? I can think of one way: Everyone must pay to be a member (there will still be fraud, but it will cost!). How else can we verify with a better set of tradeoffs?
There is some info from Persona CEO on (of course) LinkedIn, in response to a post from security researcher Brian Krebs: https://www.linkedin.com/posts/bkrebs_if-you-are-thinking-ab... . I note he's not verified, but he does pay for the service.
Many European countries have secure electronic identifications that are trusted by the government, banks etc.
Linkedin could easily use this to verify the identities.
Example of services where you can verify the identity with 35 different providers using a single API:
https://www.signicat.com/products/identity-proofing/eid-hub or https://www.scrive.com/products/eid-hub
I doubt it would take more than a sprint to integrate with this or other services.
Digital certification from the gov sounds a lot like "digital ID", which has run into considerable resistance in the UK and EU in just the last few months. As a general observation I find most EU citizens I interact with much more trusting of government than ... well, any other group of folks I have interacted with (I have the privilege of having lived and worked in S. America, N. America, sub Saharan Africa and now an EU country). If it does not fly well here, I don't think its general solution that most people would be comfortable with.
https://blogs.lse.ac.uk/europpblog/2025/10/09/britcard-uk-di...
They can do what they please. Its due to the network effects. The tie-ins of tech are so strong, I'd wager that %99 of why they succeed has nothing to do with competency or making a product for the user, just that people are too immobile to jump ship for too many reasons. Its staggering how much stronger this is than what people give credit for. Its as if you registered all your cells with a particular pain medication provider, and the idea of switching pills makes one go into acute neurosis.
Besides, its UX has decayed to a "Facebook for the employed", where John Doe praises himself for mastering a mandatory training at work or taking Introduction to HTML at "Harvard" via Coursera.
1. they are selling you as a target.
2. some people, governments, groups, whatever are willing to pay a lot of money to obtain information about you.
3. why would someone pay good money to target you unless they were going to profit from doing so. are they stupid? no.
4. where does that profit come from? If some one is willing to pay $100 to target you, how are they going to recoup that money?
5. From you.
There is simply no other way this can have worked for this long without this being true.
It is a long causal change, so it is fair to ask whether there is any empirical evidence. If this is true we would expect to see ...? Well how about prices going up? Well how about in general people are less able to afford housing, food, cars, etc.
I'm speculating here, but perhaps it is predictability. There is a common time warp fantasy about being able to go back and guess the future. You go back and bet on a sports game. If I can predict what you are going to do then I can place much more profitable bets.
Do the corporations that participate in this scheme provide mutual economic benefit? Do they contribute to the common wealth or are they parasitical?
No one likes to think they have parasites. But we all do these days.
LinkedIn is slightly different, as it's fundamentally framed as a job board and recruiting platform. The paying customers are recruiters, and the product is access to the prospective candidates. Hence, LinkedIn offering for free services such as employee verification, work history verificarion, employee vouching, etc.
> Let that sink in. You scanned your European passport for a European professional network, and your data went exclusively to North American companies. Not a single EU-based subprocessor in the chain.
Not sure LinkedIn is a European professional network.
That's a hallmark of GPT spam, so it's not surprising there's hallucinations.
And of course those Europeans use LinkedIn for the network effect (even though LinkedIn is just a pathetic sad dead mall now, so most are doing so for an illusion), because other prior waves of Europeans also used LinkedIn, and so on. Domestic or regional alternatives falter because everyone demands they be on the "one" site.
The centralization of tech, largely to the US for a variety of reasons, has been an enormous, colossal mistake.
It's at this point I have to laud what China did. They simply banned foreign options in many spaces and healthy domestic options sprouted up overnight. Many countries need to start doing this, especially given that US tech is effectively an arm of a very hostile government that is waging intense diplomatic and trade warfare worldwide, especially against allies.
Every hiring process I've been through already requires proof of identity at some point. Background checks, I-9s, whatever it may be. So you're essentially handing your ID to a third party just to get a badge that doesn't skip any steps you'd have to do anyway.
(whether it actually does or the monkeys now got a steady source of fake/stolen IDs is another matter)
There's so many angles of grind with this kind of thing that big tech has gradually normalised.
- that I just have "work email verified" and that there is a Persona thing I was not even aware of
- a post by Brian Krebs at the top of my feed, exactly on that topic: https://www.linkedin.com/posts/bkrebs_if-you-are-thinking-ab...
Of course, that works probably because my work has a linkedin account so they know what the official domain is for it.
I guess they'll spam that email but it's not like I care. I already receive spam offering me subcontracting services so I guess it's published somewhere.
The need / demand for some verification system might be growing though as I’ve heard fraudulent job application (people applying for jobs using fake identities… for whatever reason) is a growing trend.
Is there anything special about a passport photo, or can that be done from any photo of your face?
On the other hand I see many people posting in official capacity for an organization without verification.
When they actively represent their current company but with a random verification from a previous one it gets pretty absurd.
In its current form LinkedIn verification is pretty worthless as a trust signal.
I gave in and verified. Persona was the vendor then too. Their web app required me to look straight forward into my camera, then turn my head to the left and right. To me it felt like a blatant data collection scheme rather than something that is providing security. I couldn't find anyone talking about this online at the time.
I ended up finding a job through my Linkedin network that I don't think I could have found any other way. I don't know if it was worth getting "verified".
---
Related: something else that I find weird. After the Linkedin verification incident, my family went to Europe. When we returned to the US, the immigration agent had my wife and I look into a web cam, then he greeted my wife and I by name without handling our passports. He had to ask for the passport of our 7 month old son. They clearly have some kind of photo recognition software. Where did they get the data for that? I am not enrolled in Global Entry nor TSA PreCheck. I doubt my passport photo alone is enough data for photo recognition.
> Let that sink in. You scanned your European passport for a European professional network, and your data went exclusively to North American companies. Not a single EU-based subprocessor in the chain.
LinkedIn is an American product. The EU has had 20 years to create an equally successful and popular product, which it failed to do. American companies don’t owe your European nationalist ambitions a dime. Use their products at your own discretion.
Of course an American company is subject to American law. And of course an American company will prioritise other local, similar jurisdiction companies. And often times there’s no European option that competes on quality, price, etc to begin with. In other words I don’t see why any of this is somehow uniquely wrong to the OP.
> Here’s what the CLOUD Act does in plain language: it allows US law enforcement to force any US-based company to hand over data, even if that data is stored on a server outside the United States.
European law enforcement agencies have the same powers, which they easily exercise.
No they don’t, not in the way that is implied here. A German court can subpoena German companies. Even for 100% subsidiaries in other European or non-European countries, one needs to request legal assistance. Which then is evaluated based on local jurisdiction of the subsidiary, not the parent. Microsoft Germany as operator is subject to US law and access. See Wikipedia “American exceptionalism” for further examples.
While OP is quite aggressive here, there is a nugget of truth: innovation doesn't happen because "we have the best lawyers" or "the best regulations". Maybe some self-criticism would be warranted to solve the problem.
Also nothing forces Europeans to use LinkedIn. I deleted my account long ago after getting search requests from NSA-adjacent private intel companies.
> Do you genuinely believe you are superior to the rest of the world?
This assertion wasn't made, in any way, by the person you're replying to, and it sounds as though it's being asked in anger. This entire conversation has been about data privacy and stewardship. The OP has pointed out, correctly, that there's nothing that has prevented a EU based professional social network from existing in a way that is satisfying for EU based data policy.
If you sign up on an American website, you've decided to do business with Americans in America. Why are you entitled to something that the people you are doing business with are not subject to?
Regardless of the fact that LinkedIn is an American company, it is required to comply with the GDPR when operating within the European Union. I am not a lawyer, but I don't believe that there is evidence of full compliance here.
American companies "complying" with is only required insofar as the EU authorities can do anything about it - and that's the same dynamic that exists across all geo boundaries on the internet, that's not specifically American - see China and its great firewall. If an American company is taking steps to be in compliance with GDPR, it's because there is benefit in doing so.
WRT GDPR, I'd ask a clarification before continuing - you said "operating within the EU" - what does that mean? If I deploy a website, from America, onto American servers, and you can reach them from within the EU, am I "operating within the EU"? I'm not trying to be coy by asking this, I actually don't know the extent to which I agree or disagree with you.
If you don't vote, you don't count.
Did you read the article? It's a dark pattern. It is an act that takes 3 minutes to perform. Yet it takes multiple days of reading legal documents to understand what actually happens. I would argue this feels wrong, to most people who interact with technology.
We have a set of laws here that companies are obliged to follow, regardless of where they are incorporated, so we expect that. We are used to having some basic human rights here, perhaps unlike most Americans these days.
Data processes and ownership of biometric data should be made explicitly clear. It shouldn't take days of reading to understand. It feels wrong to me too.
Claiming "the EU had 20 years to build an equally successful product" is the geopolitical equivalent of a deeply dysfunctional 1950s household. For decades, the husband insisted he handle all the enterprise and security so he could remain the undisputed head of the family. Then, after squandering his focus on a two-decade drunken military bender in the Middle East, he stumbles home, realizes he's overextended, and screams at his wife for not having her own Silicon Valley corner office, completely ignoring that he was the one who ruthlessly bought out her ventures and demanded her dependence in the first place.
America engineered a digitally dependent Europe because it funneled global data straight to US monopolies. To blame Europeans for playing the exact role the US forced them into is historical gaslighting. And pretending the CLOUD Act's global, extraterritorial overreach is the same as local EU law enforcement is just the icing on the delusion cake.
A Microsoft official explained during a french parliamentary session that he couldn't guarantee that the State data was safe from US requests. It created a shockwave, as everyone discovered what was evident from the start.
Of course, nothing happened, and they renewed every contract since then. We could talk about the F35 procurement.
As a fairly vociferous eu person....I fully agree.
However, gdpr covers all eu residents, so if US companies don't want to obey eu law, that'sa fine, too.
In any case, I don't know how much more ad money they'll extract from knowing what I look like. Maybe beauty products?
I was under the impression they just make database products. Do they have a side hustle involving collecting this type of data?
It can be some more nefarious use, but it can also just be that they (persona in this case) use their services to process/store your data.
Actually Steve Blank has a great talk on the roots of Silicon Valley. SV basically built upon military tech meeting private equity. That's why it's wildly different than say Berlin startup scene, and their products are global and free.
AWS EU region is not doing much, and I suspect most companies run on US providers. EU needs independent platform for this to matter.
I’m so tired of all these covert ops run by these businesses. They aren’t going to stop until there is a heavy price to pay.
Could never find any explanation why I was targeted by this - it said it detected “suspicious activity” but I only ever interacted with recruiters, and only occasionally. Supposedly it is deleted after if you don’t go all the way through, but I do not believe it. This data ends up in very weird places and they can go fuck themselves for it afaic.
https://en.wikipedia.org/wiki/Paravision_(identity_verificat...
Did you actually follow through with 1-4 and if so what was the outcome? how long did it take?
Hiding all this very important info (which literally affects the users life) behind an insignificant boring click! Even the most paranoid user will give up in certain use cases, (like with covid 19 which even though didn´t agree, you needed to travel, work making it compulsory). Every company that uses deciving techniques like this should be banned in Europe.
I resolved everything except LinkedIn. They required Persona verification to restore access, but I'd already recently verified with Persona, so clicking the re-verification links just returned a Catch-22 "you've already verified with us." LinkedIn support is unreachable unless you're signed into an account. I tried direct emails, webforms, DMs to LinkedIn Help on Twitter, all completely ignored.
Eventually some cooldown timer must have expired, because Persona finally let me re-verify last week. Upon regaining access, I was encouraged me to verify with Persona AGAIN, this time for the verified badge.
I now have a taste of what "digital underclass" means, and look forward to the day when no part of my income depends on horrible platforms that make me desperate for the opportunity to give away my personal data!
For US companies use their (typically Dublin) European HQs.
The maximum fine wasn't even achieved by Facebook, after years and many blatant GDPR cases. Do you really think someone is getting a fine for not replying to a subject access request in due time? If so I have a very good bridge to sell you, and that bridge has more probability to exist than Amazon getting any kind of GDPR fine for not acknowledging a SAR.
We are moving into the opposite direction. Drink a verification can.
However, they have a very generous free trial for sales/recruitment. You could probably activate it and get real support.
Do we know how they get that? Because my fingerprints are also in there, so...
And FP is a much worse modality to have registered because, as opposed to Face image, fingerprint is not affected by age. So that will match you 99.999999% for ever. Faces change.
The OP is right. For that reason we started migrating all of our cloud-based services out of USA into EU data centers with EU companies behind them. We are basically 80% there. The last 20% remaining are not the difficult ones - they are just not really that important to care that much at this point but the long terms intention is a 100% disconnect.
On IDV security:
When you send your document to an IDV company (be that in USA or elsewhere) they do not have the automatic right to train on your data without explicit consent. They have been a few pretty big class action lawsuits in the past around this but I also believe that the legal frameworks are simply not strong enough to deter abuse or negligence.
That being said, everyone reading this must realise that with large datasets it is practically very likely to miss-label data and it is hard to prove that this is not happening at scale. At the end of the day it will be a query running against a database and with huge volumes it might catch more than it should. Once the data is selected for training and trained on, it is impossible to undo the damage. You can delete the training artefact after the fact of course but the weights of the models are already re-balanced with the said data unless you train from scratch which nobody does.
I think everyone should assume that their data, be that source code, biometrics, or whatever, is already used for training without consent and we don't have the legal frameworks to protect you against such actions - in fact we have the opposite. The only control you have is not to participate.
The straight-from-LLM writing style is incredibly grating and does a massive disservice to its importance. It really does not take that long to rewrite it a bit.
I hope at least he wrote it on his local Llama instance, else it's truly peak irony.
> Here’s the thing about the DPF: it’s the replacement for Privacy Shield, which the European Court of Justice killed in 2020. The reason? US surveillance laws made it impossible to guarantee European data was safe.
> The DPF exists because the US signed an Executive Order (14086) promising to behave better. But an Executive Order is not a law. It’s a presidential decision. It can be changed or revoked by any future president with a pen stroke.
This understates the reality: the DPF is already dead. Double dead, two separate headshots.
Its validity is based on the existence of a US oversight board and redress mechanism that is required to remain free of executive influence.
1. This board is required to have at least 3 members. It has had 1 member since Trump fired three Democrat members in Jan 2025 (besides a 2-week reinstatement period).
2. Trump's EO 14215 of Feb 2025 has brought (among other agencies) the FTC - which enforces compliance with the DPF - under presidential supervision. This is still in effect.
Of course, everyone that matters knows this, but it doesn't matter, as it was all a bunch of pretend from day 1. Rules for thee but not for me, as always. But what else can we expect in a world where the biggest economy is ruled by a serial rapist.
Aside from their AI-slopped newsfeed (F@#$!!!) which should have died long ago, this is atrocious. "Enshittification" was created just for this. Sorry, I got sidetracked.
Isn't there anyone from LinkedIn here??
So it was nothing special for me.
> The reason? US surveillance laws […]
This slop in every blog post? Fucking tiresome.
Last year I was trying to setup a business LinkedIn page for SEO purposes, which meant I also had to create a personal account. After being told several times that I absolutely need to scan my ID card with that dodgy app I simply replied that I can't do it due to security concerns. After several weeks they unlocked my account anyway, but I suspect this would not happen if algorithms determined that I actually needed that account to find a job and pay my bills.
I never understand why people supply too much info about themselves for small gains.
People at LinkedIn wants you to believe that your career is safe if you play by their games, but ironically they are one of the main reasons why companies nowadays are comfortable with hiring and firing fast.
LinkedIn does not support smaller companies; it appears to rely on some kind of whitelist or known-enterprise system. This option is simply not available for at least 90% of users.
Pity, but even then is it worth to hand over your very personal data to multiple companies for the sake of blue tick? Not judging, genuine question.
;)
What this user missed is the affidavit option: you can get a piece of paper attested by a local authority and upload that instead, if you really really need a LinkedIn verified account.
Microsoft can go jump.
I too declined on privacy grounds.
I think my account was active for 10 minutes when it got blocked due to "suspicious activity" and locked. All I have to do now to activate is give them more of my information including my phone number.
I've had this same exact thing happen with Facebook and Instgram too. Facebook was probably no less than 5 years ago so this is not new. You can usually confirm your identity (which they do not know), using your phone number (which they do not have). Read that again. :) They ALL do this.
The kicker is you will not find any sympathy because they start with jurisdictions (3rd world) where they can get away with it and people will lecture you about how you must have done something because Facebook never asked for their phone number or blocked them.
I had Airbnb ask for my passport 10 years ago ffs and I did give it and they still didn't want to give me the place until the proprietor intervened and sorted it out. I had the same exact helpful comments about it online that I described above. "You must have done something", "You're full of shit, they don't ask for passport at all".
This attitude by my "fellow men" is what bothers me most about this whole thing.
And now it's global, the same people will probably go "what do you have to hide", "you show your passport at the border don't you?".
I usually say "great, can I install a camera in your bathroom? No? Do you have anything to hide? This is what it feels like to me."
Having said that, I've noticed most resumes I receive have GitHub links over LinkedIn. We've advertised on LinkedIn with mixed results, employee referrals have always been more effective.
Once it's a human contact Ai slop doesn't impact you.
Sadly, LinkedIn has replaced email for initial contact after fairs or in-person client meetings. New real-world contacts look you up on LinkedIn and then use it to ask for things like your email address or mobile number. Because of this, I'm even verified :-(.
Even though I use LinkedIn basically the same way Internet Explorer was used in 2009 (purely as a Firefox or Chrome downloader but not for browsing). LinkedIn is my initial contact details exchange, but not the platform to communicate.
> Isn't that just all ai slop?
It is. I basically get zero useful input. Just biased, shallow rubbish. If there is valuable content it is usually cross-posted from authors who also run blogs I already follow.
Edit: Spelling, grammar, style
That's quite cool, it means that soon models will be able to create a fake ID photos with real data.
I'm so excited about it! /s