LinkedIn Brief | Candidate Data Dossier

Platform brief

A high-density professional identity system where profile facts, engagement behavior, recruiter search, advertising segments, and enterprise integrations meet in one record.

High exposure

Risk memo. LinkedIn can be difficult to avoid because recruiters, customers, conference organizers, and former colleagues use it as a default professional directory. That utility is also the reason the data file becomes unusually rich.

Collected Data

The basic profile fields are only the visible portion of the record. A candidate typically supplies name, photo, headline, location, employment history, education, licenses, skills, recommendations, portfolio links, and contact choices. The service can add device information, session logs, job clicks, search terms, content engagement, message metadata, imported address books, and inferred professional categories.

Category	Cases	Candidate concern
Identity	Name, portrait, headline, public URL, employer names.	Creates a stable professional identity that is easy to index and copy.
Career file	Titles, dates, schools, skills, recommendations, projects.	Reveals seniority, age proxies, compensation range, and career gaps.
Behavior	Searches, profile views, job saves, follows, reactions, reading patterns.	Shows interest before the candidate is ready to disclose it.
Network	Connections, mutual contacts, message history, invitations, group membership.	Maps professional relationships and possible references.

Visibility and Access

Visibility is layered. Some fields can appear to the open web, more can appear to logged-in users, and much more can be surfaced through recruiter, sales, and advertising tools. Even when individual names are not handed to advertisers in a simple list, campaign tooling can still target small audiences by attributes that are professionally sensitive.

A field marked private to ordinary viewers may still be processed internally for ranking, security, abuse prevention, product improvement, or paid discovery.

Public profile pages can be discovered through search engines unless visibility is reduced.
Recruiter products can filter candidates by role, skill, location, employer history, and activity cues.
Profile-view notifications may disclose research behavior unless private mode is enabled.
Imported contacts can create relationship evidence even for people who never accepted a connection request.

Governance

Governance review should focus on the legal basis for advertising personalization, cross-company processing, training or improvement of automated systems, retention after account closure, and international transfers. The platform offers a data export and a privacy dashboard, but controls are distributed across several settings areas, which increases the chance of stale defaults.

Governance position: Treat LinkedIn as a regulated professional directory, not as a simple resume page. Employers using it for sourcing should document their own lawful basis, fairness review, and retention rules for any candidate records copied into internal systems.

Incidents and History

LinkedIn has a long public record of credential theft, scraping disputes, regulatory actions, policy revisions, and debate about behavioral advertising. These events matter because profile data is designed to be discoverable; the distinction between a breach and large-scale scraping may be legally important, but the individual candidate experiences both as loss of control.

Historical password incidents show the value of unique credentials and multi-factor authentication.
Repeated scraping controversies show that public professional fields should be treated as exportable.
European enforcement around advertising consent highlights continuing scrutiny over personalized processing.
Policy changes concerning automated systems should be reviewed by region, because opt-out rights may differ.

Practical Steps

Reduce public visibility for profile photo, connections, activity broadcasts, and contact details.
Review advertising, partner, research, and automated-system settings in the data privacy menu.
Disable profile discovery by phone number and secondary email unless inbound recruiting depends on it.
Use private mode when researching people, employers, disputes, or confidential opportunities.
Download a full archive before deleting fields or closing an account.

Risk posture assumes a candidate who uses LinkedIn for visibility, job search, and networking, rather than a dormant account.
Settings names can change; review the privacy center directly before relying on a control.