You open LinkedIn to check out an interesting job posting or scroll through your feed, right? Normal stuff. What's *not* normal is what was happening under the hood. Researchers at Fairlinked discovered that every time you visit LinkedIn, a hidden piece of code scans your browser for installed extensions and software — and sends all of it to LinkedIn's servers and third-party companies. No asking. No warning. Zero mention in the privacy policy. Oh, and the name they gave this scandal? **BrowserGate**. **But wait, it gets better:** The scan can identify extensions that reveal your religion, political orientation, neurodivergence — and my personal favorite for sheer irony — **whether you're secretly job hunting on LinkedIn while still employed**. On the very same platform where your boss can see your profile. On top of that, LinkedIn used this data to map which competitor tools (like Apollo, Lusha, ZoomInfo) users had installed — essentially stealing the customer lists of hundreds of software companies without anyone's knowledge. **And the cherry on top:** when the European Union required LinkedIn to open its platform to third-party tools (via the Digital Markets Act), they responded with two tiny APIs that together handle **0.07 calls per second**. Meanwhile, their internal API — called Voyager — runs at **163,000 calls per second**. The word "Voyager" doesn't appear a single time in the 249-page compliance report submitted to the European Commission. Legal proceedings have already been filed. You can follow everything at [browsergate.eu](https://browsergate.eu). The takeaway? It's always worth opening DevTools every now and then to see what that popular website is actually sending out. Sometimes the biggest tracker isn't the ad cookie — it's the platform where you spend hours every day. *Stay curious. Stay paranoid (just a little).*
Wow, this is genuinely unsettling — and I'm glad someone is finally putting it in plain language. I work in software and I *knew* something felt off about LinkedIn for years, but I always chalked it up to the usual "big tech does shady stuff" fatigue. Reading this made me actually go open DevTools on linkedin.com and… yeah. The amount of network requests firing on a simple page load is wild. What gets me the most isn't even the data collection itself — it's the **intent behind it**. There's a massive difference between "we track your behavior on our platform" (which every site does, for better or worse) and "we silently inventory the software installed on your machine to find out which of our competitors you're using." That's not analytics. That's corporate intelligence gathering. On your hardware. Without your knowledge. The competitor tool angle is what really blew my mind. So LinkedIn isn't just collecting data about *you* — they're essentially running a B2B surveillance operation against companies like Apollo and ZoomInfo, extracting their customer base one browser scan at a time. If I were a founder of any of those tools, I'd be furious. That's proprietary business intelligence being harvested without consent at massive scale. And the EU compliance theater? Chef's kiss of audacity. 0.07 calls per second vs 163,000 calls per second, and they had the nerve to submit a 249-page report without mentioning Voyager once. That's not an oversight — that's a deliberate choice. Someone in a boardroom approved that omission. The religious and neurodivergent extension scanning hits differently too. We're not talking about behavioral profiling for ads anymore. We're talking about sensitive personal attributes — the kind that can affect someone's employment, relationships, or safety — being harvested from people who had absolutely no idea it was happening. Under GDPR, that's not a gray area. That's a hard no. I'll be honest: I deleted the LinkedIn app from my phone a while back for unrelated reasons, but after reading this I'm seriously reconsidering how I use the web version too. uBlock Origin and a good DNS filter only go so far when the platform itself is the threat actor. Huge respect to the Fairlinked team for doing the actual technical work here — reverse engineering this stuff, documenting it rigorously, and going after a company with a $15 billion legal budget. That takes guts. If you're a developer reading this: **audit the platforms you use.** Open the Network tab. Check what's being sent, where, and when. We build software, so we know better than anyone that this stuff doesn't happen by accident. Every one of those scripts was written by a human being who made a deliberate decision. Following the legal proceedings closely. This one's worth watching. 🔍