Microsoft has set aside $425 million for a possible fine that Irish privacy watchdog IDPC is going to impose on the company for violation of privacy law GDPR by Microsoft subsidiary LinkedIn.
Late last week, Microsoft announced the reservation for the fourth quarter of fiscal year 2023 in a statement addressed to investors. The company says it reached the decision after it was given access to a draft decision by the Irish regulator. As Microsoft’s European headquarters is located in Ireland, the Irish regulator acts in case of violation of European rules.
The case dates back to 2018 and revolves around a complaint that LinkedIn exceeded GDPR rules introduced two years earlier with targeted ads. Microsoft maintains that LinkedIn is not to blame. Therefore, once the IDPC’s decision becomes public, the company plans to appeal both the decision itself and the amount of the fine. The reserved amount is intended for if that appeal case does turn out to Microsoft’s disadvantage. Incidentally, it is still unclear when the IDPC plans to publish the final decision.
IDPC tackles big tech
The IDPC is hitting big tech companies hard with fines this year. Back in January, Meta was fined €390 million for forcing subscribers to give permission to use their personal data for targeted ads if they wanted to access Facebook and Instagram. In late May, Meta was fined again for transferring users’ personal data to servers in the United States. At the time, the fine was a record 1.2 billion euros.
The Register further recalls that this is not the first time LinkedIn has crossed swords with the IDPC. Shortly after the GDPR came into force, the IDPC objected to a possibility at LinkedIn to automatically send contacts from the account holder’s address book an invitation to also sign up to LinkedIn. Following a direction from the IDPC, LinkedIn removed this option specifically for European users.