The National Data Protection Authority (ANSPDCP) took the decision to apply a considerable fine to a company that chose to spy on its employees while they were in the unit's headquarters. It all started with a complaint filed against the company at the ANSPDCP because of the surveillance cameras installed in the company's offices, in the dining room, but also in the dressing rooms where the employees changed before starting their daily work.
The employer installed these surveillance cameras, practically, in almost all the spaces where the employees worked, but without consulting them about the reasons for doing this. According to what was said by the ANSPDCP, there would not have been a clear explanation even during the investigation regarding the real reasons for the location of the cameras, which brought the employer a fine of 5000 euros for his gesture.
HUGE FINE given to the Company from Romania that SPIES on its Employees
ANSPDCP also stated that the employer has installed fingerprint-based biometric systems in certain areas of the premises, which in the end doesn't seem like such a bad thing when it comes to security. However, ANSPDCP came to the conclusion that the fingerprints for the biometric security system were not adequately taken, but also that they were not stored in an adequate way, which should normally ensure the device where do the scan.
"Fine in the amount of 23.893 lei, the equivalent of 5.000 euros, for violating the provisions of art. 5 para. (1) lit. c), art. 6 and art. 7 of the RGPD, since the operator excessively processed the personal data (image) of its employees through the video cameras installed in the offices where they carry out their activity and in the places where there are closets where the employees store their change of clothes (locker rooms ). Fine in the amount of 23.893 lei, the equivalent of 5.000 euros, for violating the provisions of art. 5 para. (1) lit. c), art. 9 and art. 7 of the RGPD, since the operator processed biometric data (fingerprints) of the employees and other means can be used to achieve this goal, less intrusive for the privacy of the persons concerned."
ANSPDCP also concluded that for the images recorded by the operator through its surveillance cameras, there is no adequate plan to protect them, nor effective security measures to support them. However, the other part of the fine in the amount of 10.000 euros, i.e. another 5000 euros, was applied for the simple fact that those cameras existed in the respective areas, they were placed without consulting the employees' union, and without telling the employees.
In this action, ANSPDCP has the largest fine applied for a problem of this kind encountered at an employer in Romania, but there are more than likely others who act in the same way.
