AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Privacy Guarantor fines company for improper use of the video surveillance system

Biometric video surveillance system and continuous monitoring of the position of accused employees

The Privacy Guarantor has fined a company for the improper use of the video surveillance system, which included fingerprinting and geographical tracking of employees. The company processed worker data without authorization and used biometric data without legal basis, violating the GDPR.

This pill is also available in Italian language

The Privacy Guarantor has sanctioned a company for the improper use of the video surveillance system at its headquarters. The company was fined 20,000 euros following the discovery of various violations relating to the processing of employees' personal data.

Violations relating to the video surveillance system

The company's video surveillance system had several violations. In addition to recording live images, the system was able to detect employees' fingerprints and track their geographical position via an application installed on cell phones. Furthermore, the system could capture audio and make recordings. Access to this system was allowed to the legal representative of the company and his family via a smartphone, and the user could verbally warn the interested parties through the system's cash registers.

Unauthorized processing of worker data

During the inspection it emerged that the company was using an application that continuously tracked the location of employees via GPS, without their consent or the adequate information required by the Workers' Statute. Furthermore, the data processing carried out through the video surveillance and localization systems did not comply with the required guarantee procedures, such as the signing of a trade union agreement or the authorization of the Labor Inspectorate. It was also noted that there were no information signs on site regarding video surveillance.

Prohibited processing of biometric data

The company had installed an alarm system that required the use of fingerprints to arm and disarm the system. However, the processing of biometric data without a legal basis was in violation of the GDPR. The Guarantor noted that this form of biometric data processing is only permitted in specific circumstances, provided for in Article 9 of the GDPR, which were not present in the company's case. In addition to the financial penalty, a ban was imposed on the processing of data collected through the video surveillance system and the continuous monitoring of the position of employees.

Follow us on Threads for more pills like this

09/04/2023 17:58

Marco Verro

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon