233 points by ColinWright 6 hours ago | 28 comments
  • ColinWright2 hours ago
    I used to have a LinkedIn account, a long time ago. To register I created an email address that was unique to LinkedIn, and pretty much unguessable ... certainly not amenable to a dictionary attack.

    I ended up deciding that I was getting no value from the account, and I heard unpleasant things about the company, so I deleted the account.

    Within hours I started to get spam to that unique email address.

    It would be interesting to run a semi-controlled experiment to test whether this was a fluke, or if they leaked, sold, or otherwise lost control of my data. But absolutely I will not trust them with anything I want to keep private.

    I do not trust LinkedIn to keep my data secure ... I believe they sold it.

    • Spooky2311 minutes ago
      My assumption was that it was an intelligence platform first. Just like Skype, Microsoft decided to randomly buy it.

      It's amazing really. If you reached out to people and asked them for the information and graph that LinkedIn maintains, most employers would fire them.

    • eastboundan hour ago
      Remember when LinkedIn was condemned because they copied Gmail’s login page saying “Log in with Google”, then you entered your password, then they retrieved all your contacts, even the bank, the mailing lists, your ex, and spammed the hell out of them, saying things in your name in the style of “You haven’t joined in 5 days, I want you to subscribe”?
      • StrauXX41 minutes ago
        Do you have a reference with more information on that?
        • genghisjahn23 minutes ago
          They used a legit Google OAuth but with broad rights. They did pull the contacts and repeatedly spam them as personal emails. There were lawsuits.
      • philjacksonan hour ago
        I don't know how they're still in business after that. They also had a massive data breach at one point.
        • tokioyoyo41 minutes ago
          Because super-majority doesn't really care if the product does what it's intended to in the end.
  • ozim2 minutes ago
    I verified my account and I handed over the same info as I handed over when I was getting MSFT Azure cert exam.

    So it was nothing special for me.

  • luxpiran hour ago
    I really appreciate this write-up.

    Was forced to verify to get access to a new account. Like, an interstitial page that forced verification before even basic access.

    Brief context for that: was being granted a salesnav licence, but to my work address with no account attached to it. Plus I had an existing salesnav trial underway on main account and didn't want to give access to that work.

    So I reluctantly verified with my passport (!) and got access. Then looked at all the privacy settings to try to access what I'd given, but the full export was only sign up date and one other row in a csv. I switched off all the dark pattern ad settings that were default on, then tried to recall the name of the company. Lack of time meant I haven't been able to follow up. I was deeply uncomfortable with the whole process.

    So now I've requested my info and deletion via the details in the post, from the work address.

    One other concern is if my verified is ever forced to be my main, I'll be screwed for contacts and years of connections. So I'll try to shut it down soon when I'm sure we're done at work. But tbh I don't think the issues will end there either.

    Why do these services have to suck so much. Why does money confer such power instead of goodwill, integrity and trust/trustless systems. Things have to change. Or, just stay off the grid. But that shouldn't have to be the choice. Where are the decentralised services. I'm increasingly serious about this.

    • SomeUserName432an hour ago
      > Was forced to verify to get access to a new account. Like, an interstitial page that forced verification before even basic access.

      I'm forced to verify to access my existing account.

      I cannot delete it, nor opt out of 'being used for AI content' without first handing them over even more information I'm sure will be used for completely benign purposes.

      • luxpiran hour ago
        That's concerning.

        Kids in Oz were getting around social media age restrictions by holding up celeb photos. I doubt that'll work in this case, but I'd be tempted to start thinking of ways to circumvent.

        At the risk of losing the account, it's a very bad situation they are forcing people into.

    • stateofinquiryan hour ago
      Thank you for sharing this.

      I understand, and even agree, that how this is being handled has some pretty creepy aspects. But one thing missing from the comments I see here and elsewhere is: How else should verification be handled? We have a real problem with AI/bots online these days, trust will be at a premium. How can we try to assure it? I can think of one way: Everyone must pay to be a member (there will still be fraud, but it will cost!). How else can we verify with a better set of tradeoffs?

      There is some info from Persona CEO on (of course) LinkedIn, in response to a post from security researcher Brian Krebs: https://www.linkedin.com/posts/bkrebs_if-you-are-thinking-ab... . I note he's not verified, but he does pay for the service.

      • throwaway063_16 minutes ago
        > How else should verification be handled?

        Many European countries have secure electronic identifications that are trusted by the government, banks etc.

        LinkedIn could easily use this to verify the identities.

        Examples of services where you can verify the identity in 35 different providers with a single API:

        https://www.signicat.com/products/identity-proofing/eid-hub or https://www.scrive.com/products/eid-hub

        I doubt it would take more than a sprint to integrate with this or other services.

      • anttihaapala35 minutes ago
        How about everyone gets a digital certification from their own government that this is the person named this and that. No need to share cranial measurements and iris scans.
        • stateofinquiry3 minutes ago
          Well, different trade offs there. On the plus side, sounds pretty simple. On the other hand...

          Digital certification from the gov sounds a lot like "digital ID", which has run into considerable resistance in the UK and EU in just the last few months. As a general observation I find most EU citizens I interact with much more trusting of government than ... well, any other group of folks I have interacted with (I have the privilege of having lived and worked in S. America, N. America, sub-Saharan Africa and now an EU country). If it does not fly well here, I don't think it's a general solution that most people would be comfortable with.

          https://blogs.lse.ac.uk/europpblog/2025/10/09/britcard-uk-di...

  • weinzierl30 minutes ago
    The strange thing about LinkedIn organization verification is that it never seems to be revoked. I have many contacts with verifications from companies they no longer work for - sometimes for a very long time.

    On the other hand I see many people posting in official capacity for an organization without verification.

    When they actively represent their current company but with a random verification from a previous one it gets pretty absurd.

    In its current form LinkedIn verification is pretty worthless as a trust signal.

  • elAhmo2 hours ago
    From the article:

    > Let that sink in. You scanned your European passport for a European professional network, and your data went exclusively to North American companies. Not a single EU-based subprocessor in the chain.

    Not sure LinkedIn is a European professional network.

    • black_puppydog2 hours ago
      I think the author was talking about their own professional network being based in Europe, as opposed to LinkedIn, the platform that they're using to contact said network.
    • guenthert2 hours ago
      Yeah, he might have wanted to use Xing. Of course, he'd be pretty lonely there.
      • vdfsan hour ago
        Viadeo is slightly more popular
    • llm_nerdan hour ago
      Their use of LinkedIn is for local and semi-local professional networks. It's like if you use Nextdoor for your street.

      And of course those Europeans use LinkedIn for the network effect (even though LinkedIn is just a pathetic sad dead mall now, so most are doing so for an illusion), because other prior waves of Europeans also used LinkedIn, and so on. Domestic or regional alternatives falter because everyone demands they be on the "one" site.

      The centralization of tech, largely to the US for a variety of reasons, has been an enormous, colossal mistake.

      It's at this point I have to laud what China did. They simply banned foreign options in many spaces and healthy domestic options sprouted up overnight. Many countries need to start doing this, especially given that US tech is effectively an arm of a very hostile government that is waging intense diplomatic and trade warfare worldwide, especially against allies.

  • BrandoElFollito4 hours ago
    Ha. I was reading this and thought "euhhhh, I did not give all of that to verify my account". So I went to LinkedIn to check if I have the shield. I then saw

    - that I just have "work email verified" and that there is a Persona thing I was not even aware of

    - a post by Brian Krebs at the top of my feed, exactly on that topic: https://www.linkedin.com/posts/bkrebs_if-you-are-thinking-ab...

  • srameshcan hour ago
    This is the kind of activism in privacy appreciate that we need. I knew I did not want to verify but I did verify on LinkedIn recently. The fact that the author also gave an action list if you are concerned about your privacy is just commendable.
  • xenator23 minutes ago
    More interesting that LinkedIn uses fingerprinting everywhere and connects your personal data to every device you are using and connects to other services connected to their network.
  • _pdp_2 hours ago
    On EU data sovereignty:

    The OP is right. For that reason we started migrating all of our cloud-based services out of USA into EU data centers with EU companies behind them. We are basically 80% there. The last 20% remaining are not the difficult ones - they are just not really that important to care that much at this point but the long-term intention is a 100% disconnect.

    On IDV security:

    When you send your document to an IDV company (be that in USA or elsewhere) they do not have the automatic right to train on your data without explicit consent. There have been a few pretty big class action lawsuits in the past around this but I also believe that the legal frameworks are simply not strong enough to deter abuse or negligence.

    That being said, everyone reading this must realise that with large datasets it is practically very likely to mislabel data and it is hard to prove that this is not happening at scale. At the end of the day it will be a query running against a database and with huge volumes it might catch more than it should. Once the data is selected for training and trained on, it is impossible to undo the damage. You can delete the training artefact after the fact of course but the weights of the models are already re-balanced with the said data unless you train from scratch which nobody does.

    I think everyone should assume that their data, be that source code, biometrics, or whatever, is already used for training without consent and we don't have the legal frameworks to protect you against such actions - in fact we have the opposite. The only control you have is not to participate.

  • deaux40 minutes ago
    The content is of course 100% true and needs to be repeated over and over, every single day.

    The straight-from-LLM writing style is incredibly grating and does a massive disservice to its importance. It really does not take that long to rewrite it a bit.

    I hope at least he wrote it on his local Llama instance, else it's truly peak irony.

    > Here’s the thing about the DPF: it’s the replacement for Privacy Shield, which the European Court of Justice killed in 2020. The reason? US surveillance laws made it impossible to guarantee European data was safe.

    > The DPF exists because the US signed an Executive Order (14086) promising to behave better. But an Executive Order is not a law. It’s a presidential decision. It can be changed or revoked by any future president with a pen stroke.

    This understates the reality: the DPF is already dead. Double dead, two separate headshots.

    Its validity is based on the existence of a US oversight board and redress mechanism that is required to remain free of executive influence.

    1. This board is required to have at least 3 members. It has had 1 member since Trump fired three Democrat members in Jan 2025 (besides a 2-week reinstatement period).

    2. Trump's EO 14215 of Feb 2025 has brought (among other agencies) the FTC - which enforces compliance with the DPF - under presidential supervision. This is still in effect.

    Of course, everyone that matters knows this, but it doesn't matter, as it was all a bunch of pretend from day 1. Rules for thee but not for me, as always. But what else can we expect in a world where the biggest economy is ruled by a serial rapist.

  • trilogican hour ago
    Great article, thank you.

    Hiding all this very important info (which literally affects the user's life) behind an insignificant boring click! Even the most paranoid user will give up in certain use cases, (like with covid 19 which even though didn't agree, you needed to travel, work making it compulsory). Every company that uses deceiving techniques like this should be banned in Europe.

  • csmpltnan hour ago
    A good reminder of how things actually work, but the article could use some more balancing…

    > Let that sink in. You scanned your European passport for a European professional network, and your data went exclusively to North American companies. Not a single EU-based subprocessor in the chain.

    LinkedIn is an American product. The EU has had 20 years to create an equally successful and popular product, which it failed to do. American companies don’t owe your European nationalist ambitions a dime. Use their products at your own discretion.

    Of course an American company is subject to American law. And of course an American company will prioritise other local, similar jurisdiction companies. And often times there’s no European option that competes on quality, price, etc to begin with. In other words I don’t see why any of this is somehow uniquely wrong to the OP.

    > Here’s what the CLOUD Act does in plain language: it allows US law enforcement to force any US-based company to hand over data, even if that data is stored on a server outside the United States.

    European law enforcement agencies have the same powers, which they easily exercise.

    • 47282847an hour ago
      > European law enforcement agencies have the same powers.

      No they don’t, not in the way that is implied here. A German court can subpoena German companies. Even for 100% subsidiaries in other European or non-European countries, one needs to request legal assistance. Which then is evaluated based on local jurisdiction of the subsidiary, not the parent. Microsoft Germany as operator is subject to US law and access. See Wikipedia “American exceptionalism” for further examples.

    • register30 minutes ago
      That response reeks of astonishing arrogance. It doesn’t surprise me that nearly 50% of Americans voted for Donald Trump; he perfectly embodies that mindset. Do you genuinely believe you are superior to the rest of the world? What you call “innovation” or a “better product” is often nothing more than the creation of dominant market positions through massive capital deployment, followed by straightforward rent extraction. The European Union has every right to regulate markets operating within its jurisdiction, especially when there are credible concerns about anti-competitive practices and abuse of dominance. From what I’ve seen, there may be sufficient grounds to consider collective legal action against LinkedIn at the European level. As for so-called “European nationalist ambitions,” rest assured: Europe does not lack capable lawyers or regulatory expertise. I will be forwarding the relevant material to contacts of mine working within the European institutions in Brussels.
    • birdsongsan hour ago
      > In other words I don’t see why any of this is somehow uniquely wrong to the OP.

      Did you read the article? It's a dark pattern. It is an act that takes 3 minutes to perform. Yet it takes multiple days of reading legal documents to understand what actually happens. I would argue this feels wrong, to most people who interact with technology.

      We have a set of laws here that companies are obliged to follow, regardless of where they are incorporated, so we expect that. We are used to having some basic human rights here, perhaps unlike most Americans these days.

      Data processes and ownership of biometric data should be made explicitly clear. It shouldn't take days of reading to understand. It feels wrong to me too.

    • kleibaan hour ago
      One detail you might have overlooked: even if you're an American company - if you offer your services in Europe (through the web or otherwise), you're subject to European laws and regulations, including the GDPR.
      • rrr_oh_manan hour ago
        "Sue me" is what a purely cis-Atlantean company might say.
    • gib44432 minutes ago
      The "pull yourselves up by your bootstraps" advice has more weight when the person saying it hasn't taken control of all bootstraps for a good 75 years. This is the toxicity in the toxic relationship between the US and EU. Foot in our faces telling us to pick ourselves up. Ditto South America.
    • poszlem31 minutes ago
      I see this sentiment constantly. It is genuinely hilarious to watch Americans lecture the world about the free market while feigning shock that Europe hasn't produced its own tech giants.

      Claiming "the EU had 20 years to build an equally successful product" is the geopolitical equivalent of a deeply dysfunctional 1950s household. For decades, the husband insisted he handle all the enterprise and security so he could remain the undisputed head of the family. Then, after squandering his focus on a two-decade drunken military bender in the Middle East, he stumbles home, realizes he's overextended, and screams at his wife for not having her own Silicon Valley corner office, completely ignoring that he was the one who ruthlessly bought out her ventures and demanded her dependence in the first place.

      America engineered a digitally dependent Europe because it funneled global data straight to US monopolies. To blame Europeans for playing the exact role the US forced them into is historical gaslighting. And pretending the CLOUD Act's global, extraterritorial overreach is the same as local EU law enforcement is just the icing on the delusion cake.

  • PacificSpecific4 hours ago
    I wonder what mongo and snowflake are doing with that data. The table is a little vague.

    I was under the impression they just make database products. Do they have a side hustle involving collecting this type of data?

    • SahAssar3 hours ago
      Subprocessor usually just means that you use their products in a way that your personal data passes through them. For example, let's say you are using cloudflare and aws to host a site, then your subprocessors would be cloudflare and aws.

      It can be some more nefarious use, but it can also just be that they (persona in this case) use their services to process/store your data.

      • PacificSpecific3 hours ago
        Ah I see that makes sense. Thanks for the clarification.
  • Kaijoan hour ago
    I hate LinkedIn but need it for a few things, mostly accessing certain clients and projects as a freelancer. Last October my ISP (Vodafone UK) assigned me a datacenter-classified IPv6 address with 80+ abuse reports on reputation databases, for bots, DDoS, crawlers. Before I realized this I started getting locked out, suspended, restricted from just about every web service I use, having to solve captchas for simple Google searches, etc.

    I resolved everything except LinkedIn. They required Persona verification to restore access, but I'd already recently verified with Persona, so clicking the re-verification links just returned a Catch-22 "you've already verified with us." LinkedIn support is unreachable unless you're signed into an account. I tried direct emails, webforms, DMs to LinkedIn Help on Twitter, all completely ignored.

    Eventually some cooldown timer must have expired, because Persona finally let me re-verify last week. Upon regaining access, I was encouraged to verify with Persona AGAIN, this time for the verified badge.

    I now have a taste of what "digital underclass" means, and look forward to the day when no part of my income depends on horrible platforms that make me desperate for the opportunity to give away my personal data!

    • blfr5 minutes ago
      LinkedIn (like Teams) is a Microsoft product. And it shows.

      However, they have a very generous free trial for sales/recruitment. You could probably activate it and get real support.

    • prox31 minutes ago
      I also feel that digital companies get away with “no human representatives”. I should always have access to a human. It should be law. It will screw over a lot of companies and I am all for it since they don’t know what service looks like if it looked them in the eyes.
      • AlienRobot10 minutes ago
        I heard this being described as an "accountability sink." A system designed in such way that when something bad happens, there is nobody to be held accountable. It feels pervasive in the modern world.
      • casenmgreen21 minutes ago
        Having this problem with Amazon right now, trying to get a GDPR deletion done.
    • rrr_oh_manan hour ago
      > look forward to the day when no part of my income depends on horrible platforms that make me desperate for the opportunity to give away my personal data

      We are moving into the opposite direction. Drink a verification can.

  • 7777777phil4 hours ago
    > If you’ve already verified — like me — here’s what I’d recommend

    Did you actually follow through with 1-4 and if so what was the outcome? How long did it take?

  • jihadjihad26 minutes ago
    > The legal basis? Not consent.

    > The reason? US surveillance laws […]

    This slop in every blog post? Fucking tiresome.

  • blaze333 hours ago
    > My NFC chip data — the digital info stored on the chip inside my passport

    Do we know how they get that? Because my fingerprints are also in there, so...

    • Msurrow30 minutes ago
      Yeah was thinking the same thing. I wonder if the author didn't know that passport chip == fingerprint.

      And FP is a much worse modality to have registered because, as opposed to Face image, fingerprint is not affected by age. So that will match you 99.999999% for ever. Faces change.

    • lkramer3 hours ago
      They will have an app that asks to scan your passport with your phone's NFC reader. It's pretty common for Identity Verification.
      • duskdozeran hour ago
        Wow, that's even worse than I imagined and I was already imagining bad things
  • throwaway773854 hours ago
    How does this work for the myriad banks I've had to prove my identity to in the same way? I'll be attempting steps 1-4 and see what Persona comes back with.
  • jarek-foksa35 minutes ago
    LinkedIn support will also blatantly lie to you when you ask them whether Persona is GDPR compliant and needed to activate your account.

    Last year I was trying to setup a business LinkedIn page for SEO purposes, which meant I also had to create a personal account. After being told several times that I absolutely need to scan my ID card with that dodgy app I simply replied that I can't do it due to security concerns. After several weeks they unlocked my account anyway, but I suspect this would not happen if algorithms determined that I actually needed that account to find a job and pay my bills.

  • nalekberov3 hours ago
    You can verify yourself using company email address - maybe I am being naive to think that it’s much safer, but it’s way better than handing over your ID data.

    I never understand why people supply too much info about themselves for small gains.

    People at LinkedIn want you to believe that your career is safe if you play by their games, but ironically they are one of the main reasons why companies nowadays are comfortable with hiring and firing fast.

    • andreashaerter38 minutes ago
      > You can verify yourself using company email address

      LinkedIn does not support smaller companies; it appears to rely on some kind of whitelist or known-enterprise system. This option is simply not available for at least 90% of users.

      • nalekberov4 minutes ago
        > LinkedIn does not support smaller companies.

        Pity, but even then is it worth to hand over your very personal data to multiple companies for the sake of blue tick? Not judging, genuine question.

  • dvfjsdhgfv2 hours ago
    Since some job offers require a LinkedIn link, I maintain an empty page explaining why maintaining a LI account is a privacy and security hole. It turns out it works.
    • prox29 minutes ago
      Did you need to verify your account first?
  • varispeed3 hours ago
    Just wait when next time they ask for your member length and girth or flaps size.
    • kotaKat3 hours ago
      That's the Worldcoin Orb 2.0. Stick it in to identify yourself to make a payment.
  • SanjayMehta4 hours ago
    LinkedIn locked me out of my account, and wants me to verify via this same Persona company. I didn't read the terms but there's no way I'm giving Microsoft or its minions my govt id.

    What this user missed is the affidavit option: you can get a piece of paper attested by a local authority and upload that instead, if you really really need a LinkedIn verified account.

    Microsoft can go jump.

    • Chris_Newtonan hour ago
      I too found that my LinkedIn account had suddenly become “temporarily” disabled a little while ago, for reasons unspecified. I too was invited to share my government ID with some verification system to get back in again.

      I too declined on privacy grounds.

    • dizhnan hour ago
      My friends were pestering me about having to have an X account to know what's going on and that it'll be fine if I don't engage with any conversation or even follow anyone. I created one, and started the usual "don't show me this" thing for the crap that comes up in the field by default.

      I think my account was active for 10 minutes when it got blocked due to "suspicious activity" and locked. All I have to do now to activate is give them more of my information including my phone number.

      I've had this same exact thing happen with Facebook and Instagram too. Facebook was probably no less than 5 years ago so this is not new. You can usually confirm your identity (which they do not know), using your phone number (which they do not have). Read that again. :) They ALL do this.

      The kicker is you will not find any sympathy because they start with jurisdictions (3rd world) where they can get away with it and people will lecture you about how you must have done something because Facebook never asked for their phone number or blocked them.

      I had Airbnb ask for my passport 10 years ago ffs and I did give it and they still didn't want to give me the place until the proprietor intervened and sorted it out. I had the same exact helpful comments about it online that I described above. "You must have done something", "You're full of shit, they don't ask for passport at all".

      This attitude by my "fellow men" is what bothers me most about this whole thing.

      And now it's global, the same people will probably go "what do you have to hide", "you show your passport at the border don't you?".

      • rrr_oh_man41 minutes ago
        > "what do you have to hide"

        I usually say "great, can I install a camera in your bathroom? No? Do you have anything to hide? This is what it feels like to me."

        • dizhn33 minutes ago
          Right. Have you actually had anyone change their mind about it though? I am going to guess no. You probably heard a million different versions of how "that is different".
    • LadyCailin3 hours ago
      The trouble is, now it WILL be harder for you to find a job later. These policies are “your choice” like a diabetic taking insulin “chooses” to take insulin. If we actually treat things like this as a choice, the word loses all meaning.
      • SanjayMehta25 minutes ago
        My job hunting days are long over but you're right, LinkedIn et al are indulging in a form of blackmail with chicanery like this.

        Having said that, I've noticed most resumes I receive have GitHub links over LinkedIn. We've advertised on LinkedIn with mixed results, employee referrals have always been more effective.

  • xhcuvuvyc4 hours ago
    You still have a linkedin? Isn't that just all ai slop?
    • andreashaerter30 minutes ago
      > You still have a linkedin?

      Sadly, LinkedIn has replaced email for initial contact after fairs or in-person client meetings. New real-world contacts look you up on LinkedIn and then use it to ask for things like your email address or mobile number. Because of this, I'm even verified :-(.

      Even though I use LinkedIn basically the same way Internet Explorer was used in 2009 (purely as a Firefox or Chrome downloader but not for browsing). LinkedIn is my initial contact details exchange, but not the platform to communicate.

      > Isn't that just all ai slop?

      It is. I basically get zero useful input. Just biased, shallow rubbish. If there is valuable content it is usually cross-posted from authors who also run blogs I already follow.

      Edit: Spelling, grammar, style

    • probably_wrong2 hours ago
      If you know a better place to look for open positions in Europe, I'm listening.
    • kg4 hours ago
      It's still used for job hunting and recruiting unfortunately. I got a real message from a real recruiter for a 5k+ employee software company on it just last week. My friends and colleagues dealing with layoffs have had to update their profiles. :(
  • globalnode4 hours ago
    What a sad story. I feel sorry for this person. But it was very naive to put that data up in the first place. I recently tried to open a FB acct so I could connect with local community but within 2 days I was accused of being a bot and asked to start a video interview with a verification bot. That didn't happen, local community can do without me ;)
  • tamimioan hour ago
    This process will be done in a way that you won’t even have to do it in 3min, it will be part of your phone wallet, and whenever you sign up you will be required to verify it there, essentially, all big tech will be having a copy of your biometric, and consequently, all three letter agencies too. Welcome to the tyranny of big tech!