SECURITY % min read

BrowserGate: LinkedIn’s hidden script tracks extensions, hardware, and user behavior

BrowserGate: LinkedIn’s hidden script tracks extensions, hardware, and user behavior
Photo by Greg Bulla / Unsplash

An investigation has revealed that LinkedIn secretly runs a 2.7 MB JavaScript script called Spectroscopy, which scans Chrome based browsers for more than 6,000 extensions and collects 48 hardware and software attributes to create a persistent device fingerprint. This fingerprint is encrypted and attached to every API request during a user’s session, despite the practice not being disclosed in LinkedIn’s privacy policy. The scan includes extensions related to competitors, job hunting, political interests, and neurodivergent conditions, raising serious GDPR concerns. With over a billion users affected and no opt out available, BrowserGate highlights a major gap between platform data collection and user awareness.

Read the full story on TNW →