Employees made complaints to the French Data Protection Regulations, CNIL, claiming that their employer was filming them without given them sufficient information

The French data protection regulator, the Commission Nationale de l’Informatique et des Libertés (CNIL), have issued a €20,000 fine against Uniontrad, a French translations business, for “excessive video surveillance”.

Employees of the company made complaints to CNIL, saying that they had been filmed and CNIL investigated the matter, finding that a camera continuously recorded the employee’s at their work station, without sufficient information being provided to them as required by the General Data Protection Regulations (GDPR).

CNIL also found that the computers were not protected by a password and that employees were all using the same messaging system with a single, shared password.

CNIL ordered the company to change its practices as a result of a previous investigation in 2018, but when CNIL audited the business later that year, they found that the company had not taken any remedial action, so CNIL’s decided to impose a fine and order the company to move the camera, positioning it where employees would no longer be under continuous surveillance, and provide information to employees on the video surveillance.  They also ordered the business to implement security measures to restrict access to computers and ensure traceability of access.  If the business does not comply within 2 months, it faces a further €200 fine for each day it remains non-compliant.

If you are not sure whether you can or can’t use CCTV to record your employees, or you/re not sure what you have to tell them, we’re here to help.  See www.tdwico.com for more information on our outsourced Data Protection Officer and Article 27 Data Protection Representative services.