This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

5 Things you can do to help stop BrowserGate

LinkedIn has 33,000 employees and a $15 billion legal budget.
But we are one billion LinkedIn users.
And you have this list.

01 | Check if your tools are on the list

Search the database of 6,222 extensions LinkedIn scans for.

Search the list →

Enter your extension name or ID and see it in LinkedIn’s actual JavaScript code. Takes 10 seconds.

02 | Share this with someone who should know

Most people have no idea this is happening. Use our pre-written posts and media assets to share on LinkedIn, X, Mastodon, Bluesky, or Facebook. Each post is tailored to the platform. One click.

03 | Join our mailinglist and Whatsapp group

Legal updates, new technical findings, press coverage, and calls to action. No spam. Unsubscribe or leave anytime.

Join our mailinglist →
Join our Whatsapp group →

04 | Talk to the press

Know a journalist? Ask them what they need to cover BrowserGate.
Don’t know one? Call your local newspaper, radio station, or TV newsroom and ask why they haven’t reported that LinkedIn scans 405 million users’ browsers without consent.

How to talk to the media →

Every professional with a LinkedIn account is affected. Every business with a LinkedIn company page is affected. Every employee whose browser is being fingerprinted without their employer’s knowledge is affected. That is a story.

05 | Support the Browsergate Legal Fund

Microsoft has unlimited legal resources. They respond to a 5-page brief with a 120-page filing drafted by 50 lawyers. The goal is not to win on arguments. The goal is to exhaust opponents financially.

The only way to match that is collective funding. Your donation finances the legal proceedings through Fairlinked e.V., the German nonprofit pursuing DMA enforcement against LinkedIn.

Donate here→

Coming soon:

06 | Send a letter

Emails get ignored. Letters create a paper trail. They generate records. They require responses.

You can send letters to:

  • Your local data protection authority — file a formal complaint about LinkedIn’s extension scanning.
  • Microsoft/LinkedIn directly — demand they disclose what data they collected about your browser, under GDPR Article 15.
  • Your national IT security authority (CERT) — report unauthorized code execution. LinkedIn injects JavaScript that probes your browser for installed software without disclosure.
  • Your member of parliament or MEP — demand they push the European Commission to investigate LinkedIn’s DMA non-compliance.

[TODO: We are building an AI-assisted letter generator that drafts, prints, and mails these letters on your behalf. Each letter includes a donation to Fairlinked to finance the legal fight.]

07 | Request your data from LinkedIn

You have the right to know what LinkedIn collected about you. Send them a GDPR Subject Access Request and demand they disclose:

  • Which extensions they detected on your browser
  • When they scanned your browser
  • What data they stored
  • Who they shared it with
  • Their legal basis for processing

Do not ask for the standard data export. Ask specifically for extension detection data, device fingerprinting data, and any records transmitted via their AedEvent and SpectroscopyEvent tracking systems.

[Send a GDPR request → (pre-filled template)]

08 | File a complaint with your data protection authority

Country-specific, pre-filled complaint forms for every EU/EEA data protection authority. Select your country, fill in your name, submit.

LinkedIn’s EU lead supervisory authority is the Irish Data Protection Commission. The more complaints the Irish DPC receives, the harder BrowserGate is to ignore.

[File a complaint →]

09 | Register as a potential co-plaintiff

We are preparing class action suits in multiple countries and jurisdictions. If you want to participate, register now. No obligation until a case is filed. We will contact you with details when proceedings begin in your jurisdiction.

[Register as co-plaintiff →]

10 | Help collect evidence

We have developed a Chrome extension that documents LinkedIn’s scanning behavior on your browser. It captures evidence of the abuse with a tamper-proof timestamp, which you can upload to our server.

The more documented instances we have, the stronger the case in court.

[Install the evidence collector →]

For developers and LinkedIn tool makers

If you develop a LinkedIn tool or Chrome extension, join our working group. We have established Fairlinked e.V. as a non-profit trade association for commercial LinkedIn users. Fairlinked is registered with the EU and has entered a regulatory dialogue with the EU Commission about LinkedIn’s compliance with EU regulations.

Together, we are defining the technical requirements for the API that Microsoft must provide to businesses and tool developers under DMA Article 6(10).

[Join the developer coalition →]

Every action on this page is backed by specific legal rights under the GDPR, the Digital Markets Act, and national data protection laws. You are not asking for a favor. You are exercising rights that exist precisely for situations like this.

1 - Tell others about Browsergate

There are 1.2 billion Linkedin users.

Most have no idea LinkedIn scans their browser and shares their data illegally with others.
Copy a post below and fix that.

LinkedIn

Yes, post it on LinkedIn. That’s the point.

Post 1 — The basics

LinkedIn scans your browser for 6,222 Chrome extensions every time you visit the site.
No consent. No disclosure. No mention of it in their privacy policy.

The scan reveals which tools you use for sales, job searching, ad blocking, VPN, and security.
It also detects extensions related to religion, politics, and disability.

LinkedIn’s privacy policy contains zero mention of extension scanning. Zero.

This is called BrowserGate.
The full technical analysis, legal breakdown, and the complete list of scanned extensions is at browsergate.eu

Post 2 — For salespeople

If you use Apollo, Lusha, ZoomInfo, or any other sales tool as a Chrome extension, LinkedIn already knows.

LinkedIn scans your browser for 209 sales and prospecting extensions. That’s not a guess. It’s in their JavaScript code, verifiable by anyone with dev tools.

They use this data to identify users of competing products. Then they enforce their Terms of Service clause 8.2.2, which bans all third-party tools.

The EU Digital Markets Act says that ban is illegal. LinkedIn expanded the scanning program anyway.

Full details: browsergate.eu

Post 3 — For job seekers

LinkedIn scans for 509 job search extensions. That’s 1.4 million users whose employment status is being recorded without consent.

On a platform where your current employer, your recruiter, and your next boss can all see your profile, LinkedIn is silently flagging that you’re looking for work.

They never asked. They never told you. It’s not in their privacy policy.

browsergate.eu

Post 4 — For developers and extension makers

LinkedIn probes your extension using three methods: externally_connectable messaging, web_accessible_resources fetch, and DOM mutation detection. Results are exfiltrated via fireTrackingPayload(“AedEvent”).

If you disabled externally_connectable in your manifest.json, they try the next method. Then the next. It’s a deliberate fallback escalation chain.

They’ve catalogued a specific internal file path for each of the 6,222 extensions they scan for. Someone at LinkedIn manually mapped your extension’s resources.

The full technical analysis with code snippets from LinkedIn’s JavaScript bundle: browsergate.eu

X (Twitter)

Tweet 1

LinkedIn scans your browser for 6,222 Chrome extensions. No consent. No disclosure. Their privacy policy mentions none of it.

The scan reveals religion, politics, disability, and employment status.

browsergate.eu

Tweet 2

LinkedIn detects 509 job search extensions. 1.4 million users silently flagged as job seekers on a platform where your current employer can see your profile.

browsergate.eu

Tweet 3

LinkedIn scans for religious extensions like PordaAI and Deen Shield. Political extensions like Anti-Zionist Tag and No more Musk. A neurodivergence tool called “simplify” with 79 users.

This is GDPR Article 9 special category data. No consent was given.

browsergate.eu

Tweet 4

LinkedIn went from scanning 38 extensions in 2017 to 5,459 in 2025. The 10x jump happened right after they were designated a DMA gatekeeper and forced to allow third-party tools.

They responded to regulation with surveillance.

browsergate.eu

Mastodon / Bluesky

Post 1

LinkedIn runs a silent browser scan on every Chrome user who visits the site. 6,222 extensions. ~405 million users affected. No consent, no disclosure, no mention in their privacy policy.

The scan identifies your sales tools, VPN, ad blocker, job search extensions, and extensions tied to religion, politics, and disability.

The full technical breakdown, legal analysis, and searchable database of every scanned extension: browsergate.eu

Post 2

Fun fact: LinkedIn’s JavaScript bundle contains a hardcoded list of 6,222 Chrome extension IDs, each paired with a specific internal file path that LinkedIn engineers mapped manually.

They probe your browser using three escalating detection methods. If one fails, they try the next.

It’s not subtle. It’s in the source code. Anyone can verify it.

browsergate.eu

Facebook

Post 1

If you’ve ever visited LinkedIn on Chrome, they scanned your browser for installed extensions. Without asking. Without telling you.

The list covers 6,222 extensions with a combined user base of about 405 million people. It includes job search tools, sales software, ad blockers, VPNs, and extensions related to religion, political views, and disability.

None of this is mentioned in LinkedIn’s privacy policy.

A group of researchers and developers published the full technical evidence, the legal analysis, and a searchable database of every extension LinkedIn scans for. Check if your extensions are on the list: browsergate.eu

Email to a friend

Subject: LinkedIn is scanning your browser extensions

You should look at this. LinkedIn runs a scan on every Chrome user’s browser, checking for 6,222 specific extensions. No consent, nothing in their privacy policy about it.

It detects sales tools, job search extensions, ad blockers, VPNs, and extensions tied to religion and politics. They’ve been doing it since at least 2017 and expanded it massively in 2025.

The full breakdown with evidence from LinkedIn’s actual code: browsergate.eu

Notes for sharing

Every claim in these posts can be verified at browsergate.eu. The extension list is extracted from LinkedIn’s own JavaScript bundle (file: 5fdhwcppjcvqvxsawd8pg1n51.js, webpack chunk 905). The detection methods, extension IDs, and exfiltration mechanisms are documented with code snippets.

If someone challenges you, point them to the source code. That ends the argument.

2 - Join our mailing list

3 - Join WhatsApp Group

4 - Help make browsergate go public

Pick a pitch. Find a journalist. Copy, paste, send.

How to find the right journalist

Check the byline on any recent article about Big Tech, privacy, GDPR, or surveillance. That’s your person. Find their email on the publication’s staff page, their Twitter bio, or their personal website.

No specific journalist in mind? Call any newsroom and say: “I have a story tip for your tech or privacy reporter.”

The pitches

Pick the one that fits the journalist’s beat. Privacy reporter? Send the religion pitch. Business reporter? Send the competitive intelligence pitch. Tech reporter? Send the source code pitch.

For privacy and data protection reporters

Subject: LinkedIn scans browsers for religious and political extensions without consent

Hi [name],

LinkedIn silently scans every Chrome user’s browser for 6,222 installed extensions. The scan detects extensions that reveal religious belief (PordaAI, Deen Shield), political opinion (Anti-Zionist Tag, No more Musk), disability (a neurodivergence tool called “simplify”), and employment status (509 job search extensions covering 1.4 million users).

This is GDPR Article 9 special category data. No consent. No disclosure. LinkedIn’s privacy policy contains zero mention of extension scanning.

A sworn affidavit from LinkedIn’s Senior Manager of Software Engineering confirms the company “invested in extension detection mechanisms” deliberately.

Full technical evidence, legal analysis, and a searchable database of all 6,222 scanned extensions: browsergate.eu

Happy to connect you with the research team if you want more detail.

For tech reporters

Subject: LinkedIn’s JavaScript bundle contains 6,222 hardcoded Chrome extension IDs

Hi [name],

LinkedIn serves a JavaScript file to every Chrome user that contains a hardcoded array of 6,222 Chrome extension IDs. Each ID is paired with a specific internal file path that LinkedIn engineers mapped for detection.

The system uses three escalating methods: externally_connectable messaging, web_accessible_resources fetch, and DOM mutation detection. Results are exfiltrated via fireTrackingPayload(“AedEvent”) to LinkedIn’s li/track telemetry endpoint.

Anyone can verify this. Open linkedin.com, open dev tools, search for “fetchExtensions” in the JS bundle.

Full code analysis with snippets: browsergate.eu

Happy to connect you with the research team.

For business and competition reporters

Subject: LinkedIn scans browsers to identify users of competing sales tools

Hi [name],

LinkedIn scans every Chrome user’s browser for 209 sales and prospecting extensions, including Apollo, Lusha, and ZoomInfo (3.4 million combined users). Because LinkedIn knows each user’s name, employer, and role, this aggregates into company-level competitive intelligence: which companies use which sales tools.

LinkedIn then enforces Terms of Service clause 8.2.2, a blanket ban on all third-party tools, against identified users. The EU Digital Markets Act says that ban is illegal. LinkedIn expanded the scanning program from 461 extensions to 5,459 in the year following its DMA gatekeeper designation.

Sales Navigator generates roughly $1 billion per year. The extensions LinkedIn scans for are its competitors.

Full details: browsergate.eu

Subject: LinkedIn expanded browser surveillance 10x after DMA gatekeeper designation

Hi [name],

LinkedIn scanned 461 Chrome extensions in 2024. By December 2025, the number was 5,459. The 10x expansion correlates with LinkedIn’s designation as a DMA gatekeeper in September 2023 and the obligation to allow third-party tool access under Article 6(10).

The EU mandated interoperability. LinkedIn responded by building a surveillance system to detect and punish users of the exact tools the DMA was meant to protect.

Meanwhile, LinkedIn’s internal API (Voyager) handles 163,000 requests per second. The external API it offers to comply with DMA Article 6(10) handles 0.07 requests per second. That’s a 2.25 million to one disparity.

A Fairlinked e.V. case challenging LinkedIn’s practices is pending at LG München I.

Full legal analysis and technical evidence: browsergate.eu

For local news and general reporters

Subject: LinkedIn secretly scans 405 million users’ browsers — here’s how to check yours

Hi [name],

LinkedIn scans every Chrome user’s browser for 6,222 installed extensions without consent or disclosure. The scan covers sales tools, job search extensions, ad blockers, VPNs, and extensions tied to religion, politics, and disability. About 405 million users are affected.

Your audience can check if their extensions are on the list at browsergate.eu. The site includes a searchable database of every extension LinkedIn scans for, pulled directly from LinkedIn’s own source code.

Happy to arrange an interview with the research team behind the investigation.

Tips

Send one pitch per journalist. Don’t send all five.

Follow up once after 3 days. One follow-up, not three.

Don’t attach files. Link to browsergate.eu. Large attachments from strangers go to spam.

Don’t pitch two journalists at the same outlet. They talk to each other.

For direct press inquiries: press@browsergate.eu

5 - Fund the fight!