Executive Summary

Microsoft Corporation’s LinkedIn is running a massive, global, and illegal spying operation on every computer that visits their website.

1. The Regulation of LinkedIn

In 2024 Microsoft was designated as a “gatekeeper” under the Digital Markets Act in the EU.
The two regulated products are Microsoft Windows and Microsoft LinkedIn.

The Digital Markets Act mandates that gatekeepers allow

business users and authorized third parties free, effective, high-quality, continuous and real-time access to all data, including personal data, that is generated through the use of (LinkedIn).

2. The Legalization of LinkedIn Tools

This regulation legalizes the use of third-party tools to access your data on LinkedIn (which renders section 8.2.2 of LinkedIn’s Terms of Service void).

Instead of complying with this regulation, Microsoft decided to distract EU regulators in Brussels with what can only be described as “compliance theater”. It includes the publication of two unnecessary, inadequate and insufficient APIs, misleading statements in public hearings, and the complete omission of the fact that there already is a highly effective API, “Voyager”, that Microsoft uses to power all their web and mobile services.

At the same time, LinkedIn systematically shuts down companies that offer LinkedIn tools.

Businesses destroyed. Accounts suspended. Customers threatened. Small companies sued into obliteration by a corporation with an unlimited legal war chest.

3. Non-Compliance Turns into Criminal Behavior

As part of its campaign to remove from the market everyone who might actually make use of the Digital Markets Act, LinkedIn started injecting malicious code into the browsers of their users, without their knowledge or their consent.

At the time of writing, this code downloads a list of 6,153 software products and brute-forces the detection of each one. The scan covers extensions with a combined user base of approximately 405 million people.

4. The Bigger Picture

Because LinkedIn knows each visitor’s name, employer, and job title, every detected extension is matched to an identified individual. And because LinkedIn knows where each user works, these individual scans aggregate into detailed profiles of companies, institutions, and government agencies, revealing which software tools their employees use without the organization’s knowledge or consent.

A Massive Data Breach of Sensitive Data and Trade Secrets

The malicious JavaScript that Microsoft secretly injects into the LinkedIn website searches each user’s browser for installed software applications.

The search reveals:

  • Political opinions of users, through extensions like “Anti-woke,” “Anti-Zionist Tag,” and “No more Musk”
  • Religious beliefs, through extensions like “PordaAI” (blur haram content) and “Deen Shield” (blocks haram sites)
  • Disability and neurodivergence, through extensions like “simplify” (for neurodivergent users)
  • Employment status, through 509 job search extensions that reveal who is looking for work on the very platform where their current employer can see their profile
  • Trade secrets of millions of companies, by mapping which organizations use which competitor products, from Apollo to ZoomInfo

LinkedIn has not disclosed this practice in its privacy policy. There is no mention of extension scanning in any public-facing document.


Last modified March 6, 2026