Data violations due to insufficient legal basis for Worker Surveillance
Germany, (AFP) — German Data Protection Authorities siad that H&M fined for illegal surveillance of its employees with more than 35 million euros ($41 million).
The amount is the highest fine for such breaches in Germany since its latest data-protection legislation came into force, in a country known for jealously guarding the right to privacy.
Company bosses at the group’s service centre in Nuremberg were found to have delved too deeply into the private lives of their employees, acquiring information “ranging from rather harmless details to family problems and religious beliefs”.
Detailed “symptoms of illness and diagnoses” were also recorded and stored digitally, said Germany’s data protection watchdog in a statement.
“The present case documents a serious disregard for employee data protection at the H&M site in Nuremberg,” said Johannes Caspar, the Commissioner for Data Protection in Hamburg, where H&M’s German arm is based.
“The level of the fine imposed is therefore appropriate and suitable to deter companies from violating the privacy of their employees.”
The data protection watchdog said managers at the service center conducted “welcome back” talks with employees after their return from illnesses or holidays.
The symptoms and diagnoses of illnesses as well as holiday experiences were documented, and were made accessible to up to 50 managers.
The data collection had been stored since at least 2014, and only became known when the recordings were accessible company-wide for a few hours in October 2019 due to a computing error.
H&M said they will “carefully examine the decision”, for the data violations adding that “practices in the processing of employee data in Nuremberg were incompatible with H&M’s policies and instructions.”
“After the incident was discovered and reported, H&M immediately initiated far-reaching measures at the Nuremberg service center,” the company said. “H&M takes full responsibility and would like to express an unconditional apology to the Nuremberg employees.”
Germans hold privacy in high regard, as manifested in their continued high usage of banknotes and coins rather than credit cards. It is often considered to be a hangover from oppressive surveillance under the Nazis and East German Stasis.
Read also: GDPR: €27,802,946 Fine to TIM – Telecom Provider