A LinkedIn feature that allows paid subscribers to view a list of visitors to their profile should be made available to all EU users free of charge to comply with the region’s General Data Protection Regulation (GDPR), a legal complaint launched by the None of Your Business (NOYB) digital rights group has claimed.
Filed this week in an Austrian court, the group’s argument is that LinkedIn’s ‘Who’s Viewed Your Profile’ feature contravenes the GDPR Article 15, which covers a subject’s right of access to their own data.
NOYB has a history of taking on tech companies. In 2025, Google was hit by a €325 million ($381 million) fine by French privacy regulator, the CNIL, over its data collection and advertising policies after a complaint by the group.
Contradictory policy
LinkedIn began offering users the ability to see who has viewed their profile around 2007, later turning this into a paywalled perk in a move that pre-dated the arrival of GDPR in 2018.
According to NOYB, this commercialization left non-subscription users in a bind. Profile visitor data should legally be accessible to EU citizens under GDPR, but when they ask for this via a formal Data Subject Access Request (DSAR), LinkedIn refuses access, citing data protection.
Despite this, if the user subscribes to a LinkedIn Premium Career plan starting at €30 per month ($40 per month in the US), the same data suddenly becomes accessible.
“It is particularly absurd that LinkedIn is using a supposed ‘data protection interest’ as an argument to deny the right of access to data under the GDPR,” argued NOYB’s press release.
In NOYB’s view, LinkedIn’s policy is contradictory. The company limits access to something that should legally be free because allowing access would undermine the incentive to pay for it.
“Either the data must not be accessible to anyone, or – if it is clear to the visitor that the data is visible – it must also be disclosed in accordance with Article 15 GDPR,” NOYB said. In its view, LinkedIn’s policy of charging to access this data is illegal and the company should be fined to prevent future breaches.
Right to view
LinkedIn will doubtless point out to the Austrian Data Protection Authority that all users, including free subscribers, can opt out of having their profile visit made visible by toggling off the feature in Settings/Visibility tab/’Visibility when viewing other profiles’. Then each visit a user makes to another profile is recorded as one by an ‘Anonymous LinkedIn Member’. Free users can also see the last five visitors to their profile, as long as those users have not selected this anonymity setting.
It’s possible the company will further argue that, under Article 15, the rights of users to know who has viewed their data conflicts with the rights of other users to maintain their own privacy.
When contacted for response, a LinkedIn spokesperson sent the following statement: “This assertion [by NOYB] is false. Not only is it incorrect that only Premium members can see who has viewed their profile, but we also satisfy GDPR Article 15 by disclosing the information at issue via our Privacy Policy.”
According to Helen Brain, partner and head of commercial at Square One Law in the UK, the case would cause problems for LinkedIn’s lawyers even if the outcome remained uncertain.
“NOYB appears to have a strong argument that LinkedIn is breaching GDPR in one way or the other, but it’s impossible to say how likely they are to succeed before we see LinkedIn’s counter-arguments,” she said.
The complaint is on strong ground when arguing that profile visits should fall under GDPR Article 15 Right of Access. “If the viewer’s personal data is private and shouldn’t be disclosed in response to a DSAR by the viewed person, logically that means the viewer’s personal data should not be disclosed to premium account holders either,” said Brain. “If NOYB is successful in its complaint, the Austrian Data Protection Authority could ultimately issue a fine, and that could be substantial.”
However, predicting the wider effect on technology companies using the same ‘data as a feature’ to incentivize paid subscriptions is difficult in advance of a ruling. If NOYB prevails, LinkedIn could be ordered to stop its disclosure of profile searchers or, alternatively, to make this available free of charge in response to DSARs.
However, Brain believed the issue might come down to the way consent is gained. “Even if LinkedIn is ordered to change what it is doing, it will find a new way to gain consent to permit the disclosures of searchers lawfully and continue to charge for the data they gather.”