LinkedIn is understood to be injecting a JavaScript fingerprinting script into every page load that probes visitors' browsers for 6,236 installed Chrome extensions and collects detailed device telemetry, according to a report by Fairlinked e.V. and independently confirmed by BleepingComputer.
The script, which BleepingComputer verified through its own testing, also harvests the CPU core count, available memory, screen resolution, time zone, language settings, and battery status. The findings were first published in Fairlinked’s “BrowserGate” report, which claims the script works by attempting to access file resources tied to specific extension IDs, a well-documented technique for detecting whether extensions are installed in Chromium-based browsers. A GitHub repo documented LinkedIn scanning for roughly 2,000 extensions in 2025, while a separate repo from February this year logged approximately 3,000. The current count stands at 6,236.
Many of the targeted extensions are LinkedIn-related tools, including sales intelligence products from Apollo, Lusha, and ZoomInfo that directly compete with LinkedIn's offerings. The Fairlinked report claims that LinkedIn scans more than 200 competing products in total and that the script also checks for language and grammar extensions, tools for tax professionals, and other categories with no obvious connection to LinkedIn's platform.
Beyond extensions, the script gathers hardware and software fingerprinting data, such as CPU class, device memory, screen dimensions, time zone offset, battery status, and storage capabilities. These data points are commonly used in browser fingerprinting to build unique device profiles, but because LinkedIn accounts are tied to real names, employers, and job titles, the extension and device data can be linked back to positively identify individuals. The Fairlinked report also claims the data is transmitted to HUMAN Security, an American-Israeli cybersecurity firm, though this has not been independently verified.
LinkedIn told BleepingComputer the scanning is used to detect extensions that scrape data or otherwise violate its terms of service. "To protect the privacy of our members, their data, and to ensure site stability, we do look for extensions that scrape data without members' consent," a LinkedIn spokesperson told BleepingComputer. The company added that it does not use the data to "infer sensitive information about members."
LinkedIn also said the Fairlinked report was published by someone whose account had been restricted for scraping. The individual is linked to a browser extension called "Teamfluence," which LinkedIn said violated its platform terms. A German court denied that individual's request for a preliminary injunction against LinkedIn, finding that the platform was within its rights to block accounts engaged in automated data collection.
LinkedIn isn’t the first major platform to use aggressive client-side fingerprinting. In 2021, eBay was found to be using JavaScript to perform automated port scans on visitors' devices to detect remote access software. The same script was later found running on sites operated by Citibank, TD Bank, and Equifax.
