On January 8, 2021, the State Commissioner for Data Protection (LfD) Lower Saxony imposed a €10.4 million (or $12.7M) GDPR fine on the electronics retailer Notebooksbilliger.de for non-compliant video surveillance of its employees.
Two main objections of the LfD were that video monitoring was done without a proper legal basis and kept for significantly longer than necessary, in the time span of at least two years.
According to the LfD, cameras were installed in the employees’ common areas, workplace, warehouse, and sales points.
The video surveillance was not only aimed at employees but customers as well, since cameras were pointed to specific places where customers would stay for a longer period of time, like seating areas or areas where they could test displayed devices.
[RELATED TOPIC: Video surveillance under the GDPR]
Notebooksbilliger.de objected to the decision and claimed that video surveillance was installed to prevent theft and other criminal offenses and to track the flow of goods in the warehouses. They claim that in no time was the video system designed to monitor the behavior of employees or their performance.
However, as explained in the official statement, video surveillance to uncover criminal offenses is only lawful if there is justified suspicion against specific persons and for a limited time period.
In this specific case, video surveillance was neither limited nor directed to specific employees. In addition, in many cases, the recordings were saved for 60 days, which is significantly longer than necessary.
[RELATED TOPIC: 20 biggest GDPR fines so far]
The Lower Saxony data protection officer, Barbara Thiel, said, “video surveillance is a particularly intensive encroachment on personal rights because theoretically the entire behavior of a person can be observed and analyzed.
According to the case law of the Federal Labor Court, this can mean that those affected feel the pressure to behave as inconspicuously as possible in order not to be criticized or sanctioned for deviating behavior. ”
Also, the video surveillance method for preventing theft represents a measure that is disproportionate to the potential risk, since other, milder methods could be as effective as the video footage in preventing theft.
[RELATED TOPIC: Processing personal data of employees]
Thiel also stated “companies must understand that with such intensive video surveillance, they are massively violating the rights of their employees“, stressing that employees should not give up their personal rights just because their employer puts them under general suspicion.
The fine is not yet legally binding so it is yet to be seen if the arguments and efforts of the company will reduce the fine or if the appeal against the fine is going to lead to a completely different resolution of the case.
Read the entire official statement: LfD Niedersachsen imposed a fine of 10.4 million euros on notebooksbilliger.de