Ireland's Privacy Regulator Completes Audit of LinkedIn, but Won't Divulge Contents

By Ali Qassim

Nov. 4 — Ireland's Office of the Data Protection Commissioner (DPC) made recommendations to LinkedIn Corp.-Ireland in its privacy audit report but won't disclose details of how the professional networking site could improve its data protection program, an agency spokeswoman told Bloomberg BNA Nov. 4.

She said “interactions between the DPC and organizations are confidential,” and it was therefore up to LinkedIn to decide whether to publish the agency's audit report. LinkedIn is one of several U.S. Internet and social media companies with European headquarters in Ireland.

The agency spokeswoman said the audit on LinkedIn was finalized in July and took just over 12 months to complete. According to the DPC's 2013 annual report, LinkedIn “agreed to a wide range of ‘best practice' improvements” before the audit report was completed.

Ireland's Data Protection Act (1998 and 2003) authorizes the DPC to carry out privacy audits and inspections to ensure organizations are complying with the law and to identify possible breaches.

“Under the Data Protection Acts, the Commissioner owes a duty of confidentiality to organizations it investigates and on this basis does not normally issue any statements in relation to specific investigations and their outcomes,” the DPC spokeswoman told Bloomberg BNA.

Earlier Audit of Facebook

In December 2011, the DPC made public an audit report of Facebook Ireland (FB-I), which processes data from worldwide locations other than the U.S. and Canada for the social media giant.

At the time, the DPC said the public release of the audit report was unusual, explaining that FB-I agreed in advance of the audit that the report should be published.

To contact the reporter on this story: Ali Qassim in London at

To contact the editor responsible for this story: Michael O. Loatman at