BROWSERGATE has sparked debate over LinkedIn’s browser activity, with proponents claiming it fingerprinted and profiled users while researchers question the scale and intent. The piece notes that BrowserGate describes a process in which LinkedIn’s JavaScript probes for about 6,000 extensions every time a LinkedIn page is opened, collecting and encrypting the results before sending them to LinkedIn’s servers.
Tyler Reguly, associate director of security R&D at Fortra, tested a sample of around 10% of those extensions and found that while LinkedIn was probing for extensions, there was no scanning of the user’s computer and no malicious code, just a JavaScript check for the presence of extensions. He estimated that around 2,000 extensions could be detected by LinkedIn, not the full 6,000, and he suggested the practice does not cross into malicious fingerprinting.
LinkedIn has rejected the more sensational claims, stating that the data is used to enforce terms, defend technical systems, and understand abnormal data access, not to infer sensitive information, according to LinkedInHelp. The article, published on 13 April 2026, presents a nuanced view, noting legal and privacy considerations and calling for clearer user notification.