In mid-February 2026, a wave of posts warned that verifying your identity on LinkedIn could expose you to far more than a simple “badge.” The spark was a security/research finding about Persona—an identity and age-assurance vendor used by multiple large platforms—followed by a broader debate about what modern “verification” systems actually do, what they retain, and who touches the data.

This piece separates what is confirmed by primary documentation from what is inferred by researchers and commentators, and then maps the resulting risks.

1) The trigger: an “exposed frontend” and what it appeared to reveal

On February 20, 2026, Malwarebytes reported that researchers investigating Discord’s age-verification work said they found a Persona frontend left publicly exposed. The reporting claims the accessible materials disclosed an unusually expansive verification stack: 269 distinct checks, facial recognition against watchlists and politically exposed persons (PEPs), “adverse media” screening across 14 categories (including terrorism and espionage), plus risk and similarity scores.

Independent commentary from the identity standards community characterized the exposed artifacts as resembling a general-purpose KYC/AML engine—the kind of tooling normally associated with regulated financial onboarding—rather than a narrowly-scoped “age check.” (See Nat Sakimura’s analysis.)

A critical caveat: none of these sources—by themselves—prove that every customer deployment (or any specific platform flow) runs every one of those checks. What they do support is that the capability is present in the product stack described by the exposed materials and summaries. (Malwarebytes)

2) What Persona’s own documentation confirms about scope and retention

Persona’s Privacy Policy explicitly states it processes facial geometry extracted from photos uploaded during verification and that third-party vendors may access that biometric scan data for analysis, storage, backups, and system servicing. The policy also states Persona will destroy facial-geometry scan data upon completion of verification or within three years of the user’s last interaction, consistent with customer instructions unless legally required to retain it.

That “within three years” line is important because it anchors a large part of the public concern in a primary document rather than hearsay: the retention window exists as an explicit maximum in Persona’s policy (subject to customer settings and legal process). (Persona Privacy Policy)

Persona also publishes an official Subprocessors list naming entities used for tasks like infrastructure, analytics, device analysis, document analysis, and “data extraction and analysis.”

Persona’s own product materials also show that watchlist screening is a standard identity/compliance concept and a feature category it discusses publicly. (See Persona’s explainer on watchlist screening.)

3) How LinkedIn is involved: “Verified” identity checks routed through Persona

LinkedIn’s Help Center makes Persona’s role explicit: identity verification via Persona means the member had a government-issued ID verified by LinkedIn’s verification partner, Persona. (LinkedIn Help: Identity verification via Persona)

LinkedIn also states, more generally, that in many countries identity verification is performed by Persona and is available for those with a valid NFC-enabled passport. (LinkedIn Help: Verify your identity)

On Persona’s own help pages for LinkedIn end users, Persona describes a passport NFC scanning flow and directly addresses two of the most viral claims:

• “Is my data used to train AI models?” Persona’s help page says no personal data processed is used for AI/model training and that data is used to confirm identity. (Persona Help: LinkedIn “Get verified”)
• “Which subprocessors are used… for LinkedIn?” Persona lists a subset used for identity verification. (Persona Help: LinkedIn subprocessors)

This is where the controversy sharpened: critics pointed at Persona’s broader subprocessor list and the breadth of data categories described in privacy documentation; Persona pointed back to LinkedIn-specific flow documentation and stated limitations. (Persona Subprocessors)

4) Why the debate escalated: “identity proofing” vs “age assurance” and expectation mismatch

Much of the backlash stems from a gap between what users believe they are doing (“a quick check to prove I’m real”) and what the underlying identity-proofing industry often does (risk scoring, device analysis, fraud heuristics, and—sometimes—watchlist/PEP/adverse-media screening in regulated contexts).

Malwarebytes’ account of the exposed Persona frontend put those industry capabilities front-and-center in a setting (platform age gates and social identity badges) where many users did not expect them. (Malwarebytes)

5) The Discord rollback: a major platform distances itself from Persona

Discord’s CTO published a detailed post acknowledging missteps in communication around age assurance and confirming that Discord ran a limited Persona test in the UK and decided not to proceed. Discord said that consistent with its privacy policy, all data was deleted after completing verification, and announced new requirements—most notably that any partner offering facial age estimation must perform it entirely on-device. (Discord blog post)

Major outlets also reported Discord removed references to Persona and delayed broader rollout while promising more transparency and additional verification methods. (See AP News coverage.)

This matters for LinkedIn because it shows the controversy wasn’t confined to one platform’s UX choice; it created a wider question: if one of the biggest platforms walking right up to Persona decided to step back, what should other platforms disclose about their own use?

6) The investor angle: Open Rights Group and “identity infrastructure politics”

On February 15, 2026, Open Rights Group published a press release criticizing the use of Persona by major platforms and emphasizing that Peter Thiel’s Founders Fund led Persona funding rounds, framing this as part of a broader expansion of biometric age assurance driven by government policy pushes.

While investor backing does not imply operational data access (equity ownership ≠ data access), ORG argued that governance, incentives, and oversight become critical when biometric systems become infrastructure for core internet services. (Open Rights Group)

7) What we can say, fact-checked, without speculation

Supported by primary sources

• LinkedIn uses Persona for identity verification in many countries, and the flow can involve NFC passport reading. (LinkedIn Help)
• Persona’s privacy policy describes facial geometry processing and a three-year maximum destruction window (subject to customer instructions and legal process). (Persona Privacy Policy)
• Persona publishes an official subprocessor list naming companies and tasks. (Persona Subprocessors)
• Discord says it tested Persona in the UK and then chose not to proceed, and is moving toward on-device facial age estimation requirements. (Discord blog post)

Supported by reporting and expert commentary, but should be treated as “as reported,” not proven across all deployments

• That an exposed Persona frontend revealed details about 269 checks, watchlist/PEP facial recognition, and adverse-media screening categories. (Malwarebytes)

The most important unresolved question—one that platforms and vendors could answer with product-level transparency—is simple: Which checks are enabled in which flows, for which users, with what retention, and with what data shared back to the platform?

Conclusion: What Identity Verification Systems Must Learn

At its core, the Persona–LinkedIn controversy underscores a fundamental lesson: identity verification systems must be designed around purpose limitation, data minimization, and transparency—not retrofitted with them after deployment. When systems built for high-risk financial compliance are repurposed for everyday digital interactions, the mismatch creates both ethical and architectural risks. Users should never be required to expose more information than necessary for a given task, nor should they be left guessing how their data is processed, shared, or retained. The burden must shift from users trusting opaque systems to systems proving—by design—that they are trustworthy.

The path forward is clear. Identity infrastructure must evolve toward user-centric, privacy-preserving models where verification is achieved through minimal disclosure, on-device processing, and cryptographic proofs rather than centralized data collection. Transparency must be embedded into the user experience, not buried in policies, and every verification flow should be auditable, understandable, and proportionate to its purpose. These principles are not just theoretical—they are already being pursued in practice, as reflected in solutions like Youverse YouID, which align with this vision of user-controlled, privacy-first identity.