// Consolidated Privacy Matrix
Fifteen dimensions · four platforms · one table
The Audit Matrix
The individual audit pages are longer and more nuanced than any single table can be. This page is the opposite — it's the thing you print out and stick on your monitor. Every row is a concrete privacy-relevant attribute. Every column is a platform. Color-coded for speed.
Scoring legend: GREEN = low concern · AMBER = notable concern · RED = high concern. The colors are relative within the matrix, not absolute. "Green" on LinkedIn just means "better than LinkedIn's other rows" — not "privacy-safe in any objective sense."
Matrix 1: Data collection
| Attribute | Blind | Peerlist | ||
|---|---|---|---|---|
| Real name required | Yes · verified for Premium | No | Yes | Yes (but handle-driven) |
| Employer on account | Explicit · public | Via email domain · semi-visible | Explicit · public | Via verified email · configurable |
| Full employment history | Entire career | None required | Entire career | Partial · current role only |
| Network graph | Deep · high-resolution | Pseudonymous channels | Deep | Shallow |
| Behavioral feed data | Every dwell, like, pause | Standard engagement metrics | Limited (smaller feed) | No feed to measure |
| Off-platform tracking | Insight Tag pixel on many sites | Not documented | Minimal | Minimal |
Matrix 2: Access and sharing
| Attribute | Blind | Peerlist | ||
|---|---|---|---|---|
| Parent corporation | Microsoft (US) | Independent (US/KR) | New Work SE (DE, listed) | Independent · seed-stage |
| Primary jurisdiction | US · CLOUD Act exposure | US | Germany · GDPR-native | US |
| Ad targeting on your data | Yes · rich targeting catalog | Limited ads | Narrower than LinkedIn | No ads |
| AI training on user content | Yes (per 2024 policy) · opt-out varies by region | Not publicly confirmed | Not publicly scoped | Not documented · small surface |
| Government access regime | US + Ireland · CLOUD Act | US standard | DE / EU standard | US standard |
Matrix 3: Operational track record
| Attribute | Blind | Peerlist | ||
|---|---|---|---|---|
| Largest regulatory fine | €310M · Irish DPC · 2024 | None of comparable scale | None of comparable scale | None |
| Documented breach / exposure | 2012 (117M) · 2021 (500M scrape) · 2023 (700M) | 2018 DB exposure (no emails) | No major incidents of this scale | No documented incidents |
| Data export / portability | Yes · comprehensive | Limited (content-only) | Yes · GDPR-compliant | Yes (smaller surface) |
| Granular privacy controls | Many, but buried | Limited · by design | Extensive, GDPR-aligned | Simple and clear |
Composite risk
┌──────────────────────────────────────────────────────────────────────┐ │ │ │ LinkedIn [████████████████████████░░░░] HIGH risk: 8/10 │ │ data × reach × parent × AI × breach history │ │ │ │ Blind [██████████░░░░░░░░░░░░░░░░░░] MEDIUM risk: 4/10 │ │ anonymity-by-design offsets, one server exposure │ │ │ │ Xing [██████░░░░░░░░░░░░░░░░░░░░░░] LOW-MED risk: 3/10 │ │ EU jurisdiction · GDPR-native · smaller ad surface │ │ │ │ Peerlist [█████░░░░░░░░░░░░░░░░░░░░░░░] LOW risk: 2/10 │ │ small collection surface · no ads · no feed │ │ │ └──────────────────────────────────────────────────────────────────────┘
composite scoring · methodology below
Methodology
Each matrix row gets a 1–3 score. The composite is the weighted sum, where the weights prioritize:
- Data volume (2× weight) — more data collected means a bigger blast radius for any future breach or policy change
- Jurisdiction (1.5× weight) — who can legally compel access matters more than abstract policy
- AI training exposure (1.5× weight) — new risk category as of late 2024
- Breach history (1× weight) — past incidents are weak predictors but still relevant
- Opt-out availability (0.5× weight, inverse) — good controls reduce the effective score
The scoring is editorial, not algorithmic. Reasonable people will weight these factors differently. If you think jurisdiction matters more than data volume, Xing moves further ahead of Peerlist. If you think opt-outs matter most, LinkedIn closes some of the gap. The purpose of the matrix isn't to issue a single verdict — it's to make the tradeoffs legible.
A realistic stack for a privacy-aware professional in 2026
Nobody lives on one platform. A defensible approach:
- LinkedIn, locked down. Profile yes, because recruiters search nowhere else. Feed engagement minimized. AI-training opt-out flipped. Profile discovery via email/phone disabled. Insight Tag blocked at the browser level if you use uBlock Origin or Privacy Badger.
- Blind, if you need it. For compensation discussion and workplace grievances where you need anonymity, it's the best technical option available. Don't reuse handles; don't over-share identifying detail.
- Xing, if you're in DACH. Primary professional identity, with LinkedIn reduced to a minimal-information mirror.
- Peerlist (or similar), for portfolio. Public proof-of-work page under a URL you control. Works as the link-in-bio for your actual career.
A privacy strategy is a portfolio of smaller surfaces, not one perfect platform.