German privacy watchdog fines H&M $41M for spying on workers
Hamburg’s data protection commissioner said in a statement that the Swedish company collected private information about employees at a customer service center in Nuremberg, “ranging from rather harmless details to family issues and religious beliefs.”
The information was recorded on a network drive accessible to up to 50 managers and “used, among other things, to obtain a detailed profile of employees for measures and decisions regarding their employment.”
The data protection commissioner, Johannes Caspar, said that “the combination of collecting details about their private lives and the recording of their activities led to a particularly intensive encroachment on employees’ civil rights.”
The privacy violation was discovered after the data briefly became visible to all people on the company network, resulting in news reports about the information gathering.
H&M said in a statement that the practices in Nuremberg didn’t correspond to company guidelines but that it nevertheless took full responsibility and had apologized unreservedly to the employees. The company said it would examine the fine issued.
Casper welcomed H&M’s decision to pay compensation to employees at the Nuremberg service center and take measures to prevent future privacy breaches, saying the steps “show the intention to give the employees the respect and appreciation they deserve as dependent workers in their daily work for their company.”