Daily Newsletter

Daily Newsletter

Amazon appeals €32m French regulator fine for employee monitoring

Amazon has challenged CNIL's decision, citing factual inaccuracies and necessity for operational efficiency.

Sarah Brady March 25 2024

Credit: Shutterstock/Jarretera

Amazon has strongly refuted French privacy regulator the National Commission on Informatics and Liberty’s (CNIL) conclusion that the company installed invasive video surveillance. Amazon has appealed the decision, citing factual inaccuracies, according to an email seen by Reuters.

Amazon France Logistique, managing Amazon’s warehouses in France, was fined €32m ($34.58m) by CNIL in December, 2023, for implementing an intrusive employee monitoring system and inadequate video surveillance.

CNIL found Amazon’s monitoring system excessively intrusive, including tracking employees’ inactive periods and their speed item scanning.

The monitoring included the retention of extensive data and statistical indicators for all employees and temporary workers for a prolonged period.

In its filing, CNIL highlighted breaches of GDPR principles related to employee monitoring, warehouse stock management, and data security.

CNIL alleged that Amazon failed to comply with the data minimisation principle, ensuring lawful processing, and providing adequate information and transparency to employees regarding data collection.

Inadequate security measures for video surveillance systems, including weak passwords and shared access accounts, violating GDPR’s security obligations.

CNIL emphasised the excessive monitoring of employees, which created continuous pressure and potentially compromised their privacy and rights.

The scale and intensity of monitoring, along with its integration into critical business processes, were considered in determining the fine amount.

Amazon contests CNIL’s findings, arguing that the monitoring system is necessary for managing business operations efficiently. The company contends that CNIL’s decision is based on incorrect facts and have filed an appeal before the Council of State.

Big Tech faces increasing scrutiny over its privacy policies in the EU, with Meta fined a record $1.3bn by the EU for violating its data privacy rules last year.

Meta’s fine is the biggest to come from the EU’s five-year-old GDPR privacy law and falls very close to the day of its fifth anniversary on 25th May. 

However, despite this being the largest penalty since its creation, GDPR has kept the EU busy over the past half decade. 

In 2021, Amazon was fined around $750m by Luxembourg after it violated the GDPR.

Uncover your next opportunity with expert reports

Steer your business strategy with key data and insights from our latest market research reports and company profiles. Not ready to buy? Start small by downloading a sample report first.

Browse reports

Newsletters by sectors

Pharmaceutical Technology open-new-tab

Just Auto open-new-tab

Leasing Life open-new-tab

View more newsletters

Sign up to the newsletter

I consent to Verdict Media Limited collecting my details provided via this form in accordance with Privacy Policy

close

Sign up to the newsletter: In Brief

Your corporate email address *
First name *
Last name *
Company name *
Job title *
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Thank you for subscribing

View all newsletters from across the GlobalData Media network.

close