- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Neil Hodge2024-02-07T18:03:00
The decision by France’s data regulator to fine an Amazon warehouse manager for breaches of the European Union’s privacy law over the way the company monitored employee productivity raises questions about the reach data protection authorities (DPA) have over corporate conduct—and whether they can cope with a possible increase in demand.
On Jan. 23, the CNIL announced it fined Amazon France Logistique 32 million euros (then-U.S. $35 million) over the way it tracked employees as they worked. The regulator’s main concerns were that Amazon’s use of tracking technologies and collection and retention of data was excessive and that other, less intrusive methods could have been used instead.
The CNIL also found employees were not properly informed about the extent of the monitoring until 2020—nearly two years after the General Data Protection Regulation (GDPR) came into force. It noted that by breaking the law and squeezing workers to work harder and faster, Amazon could have secured an unfair advantage over its rivals.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The French data regulator’s fine against an Amazon warehouse manager for violating employees’ rights to privacy in the workplace once again raises questions about what constitutes an overzealous approach to employee monitoring and why companies fail to recognize the signs.
Amazon’s warehouse management arm in France was assessed a penalty of €32 million (U.S. $35 million) for violating the General Data Protection Regulation by excessively tracking the productivity of employees.
Recent fines in Italy against two food delivery companies for violating the privacy of their drivers should act as a warning that employee surveillance can prove to be a major breach of the General Data Protection Regulation.
Big Tech firms might need to rethink their plans to charge users for not selling their personal data for behavioral advertising following a decision by Europe’s primary data regulator.
The California Privacy Protection Agency warned businesses to stop asking for excessive information from consumers who have requested to opt out of having their data collected or who are otherwise exercising their privacy rights under the California Consumer Privacy Act.
The U.S. Department of Transportation is looking to thwart the nation’s 10 largest airlines from monetizing passenger data or selling it to third parties.
