> According to the regulator, cameras recorded employees in workplaces, salesrooms, warehouses, and common areas. NBB claimed the aim was to prevent and investigate criminal offenses and to track the flow of goods in the warehouses.
> However, in order to prevent theft, a company must first use “milder” methods, such as random bag checks when employees leave the premises. Moreover, the LfD said video surveillance is only lawful if there is “justified suspicion” against specific persons, and even then, video monitoring may only be used for a “limited” time.
> The data authority found NBB’s video surveillance was neither limited to a specific period of time nor to specific employees. The recordings were saved for 60 days in many cases. Customers were also filmed in seating areas without their knowledge or consent.
> The regulator said “the allegedly deterrent effect of video surveillance, which is repeatedly put forward, does not justify a permanent and unprovoked interference with the personal rights of employees” in a translated press release.
> “We are dealing with a serious case of video surveillance in the company,” said Barbara Thiel, head of LfD Lower Saxony, in a translated statement. “Companies must understand that with such intensive video surveillance they are massively violating the rights of their employees.”
> Thiel added video surveillance is “a particularly intensive encroachment on personal rights” because it can pressurize employees “to behave as inconspicuously as possible in order not to be criticized or sanctioned for deviating behavior.”
Finally! It always amazes me how computer monitoring and video surveillance at the workplace have become so widespread.
Also, the idea of focussing on widespread breaches of the right to privacy is a great one. It helps spread a better understanding of the meaning of the right to privacy.
Computer monitoring and video surveillance at the workplace are outright verboten. This can be only a temporary measure in case of justified suspicion. That's nothing new and most companies of course comply. That's also why the fine is so high: That company behaved exceptionally bad.
This regulation is also less about the right to privacy (in the end it's about working environments) but about general personal rights. Constant monitoring at the workplace is just not compatible with the notion of human dignity. (Also it's stressful for the employees, makes them ill and wears them out, which is bad for productivity. Maybe this part is the real reason? ;-))
As you say, it’s a human rights issue. This case is GDPR. That could apply in cases where videoing itself is allowed, but, say, the videos are insufficiently protected against viewing by the general public.
This isn't exactly a new legal situation in Germany at least. (Which obviously doesn't mean companies don't try, otherwise we wouldn't have headlines like this...)
Yep. WW2 legacy resulted in two major additions to the foundations of new Germany: spying on citizens is highly regulated, freedom of speech does not exist for certain types of speech.
> freedom of speech does not exist for certain types of speech
No country has total freedom of speech, not even the US. Try telling people you will kill the president, even as a joke, and the FBI will come knocking.
Just because private entities are bound by certain laws does not mean that those laws apply to the state.
The state has other laws that regulate its ability to spy on its citizens.
And if those laws become too cumbersome you can always ask a free friendly nation to do your spying for you, and get the info from them. And then cross your fingers that the judiciary will follow yout reasoning when you are found out.
The problem is that citing WW2 as reason when the state is excluded from the laws is nonsensical. In WW2 and later the GDR the state was the bad actor, that private companies are restricted from gathering this information would not have stopped the Nazies.
The state does not have different laws because of WW2. It has different laws because it has a different role and obligations than a private individual.
We allow the state to levy taxes, expropriate, imprison, and even kill (war, death sentence) because we have democratically decided that it was necessary for the organisation of our society.
It is a valid point. I would normally argue that foundation of the law and its implementation are two different issues. Not to mention, over time, previous norms can be eroded.
> > WW2 legacy resulted in two major additions to the foundations of new Germany: spying on citizens is highly regulated
> How does it reconcile with it taking nearly 17 years for Germany to outlaw BND from wiretapping DE-CIX?
He said only that "is regulated". This is the same like "CIA/NSA/FBI must obey the law".
They actually do what they want. (Now the NSA is wiretapping DE-CIX and giving the info to BND)
BND is not a private organisation but a part of the federal government. They are a secret service. That's why they can get away with it, they cannot be fined, sued or even investigated properly in such matters.
And while one of the lessons of Nazi Germany is keeping the secret services on a tight leash, that leash has become longer and longer during the cold war. Nowadays, I do not think there is any effective control of Germany's secret services anymore.
Not taking side on the topic here, just a quick note on the dicatorship classification.
While some folks think a dictatorship requires a single person or small group in charge, it is widespread opinion in Germany, that the GDR was is in fact seen as a "dicatorship by one party", the SED. Mostly (to my understanding) this is based on the lack of separation of powers found in the GDR.
The "dictatorship" question is regulary a topic of more or less philosophical but most certainly emotional debates with each side being sure they are right. I cannot tell the percentage of "dictatorship"/"non-dicatorship" proponents.
(I am no history nerd.)
edit: pls replace "that the GDR was is in fact seen" with "that the GDR is in fact seen" in your mind
> When was the German Democratic Republic a dictatorship?
If someone wanted to leave the GDR, were they able to?
If not, why do you think they weren't able to? Why do you think people wanted to leave, and why do you think people wanted to stop them? Why do you think they had to literally shoot people to stop them leaving the country if it wasn't a dictatorship and they were welcome on the other side?
Are you confused about the 'Democratic' part of the name? North Korea also calls itself 'Democratic' today.
> Elections were held but were effectively controlled by the SED and state hierarchy, as noted by Hans Modrow [communist premier of East Germany] and others.
The last premier of East Germany was literally convicted of electoral fraud after unification.
> Modrow did not deny the charges, but argued that the trial was politically motivated and that the court lacked jurisdiction for crimes committed in East Germany
It was a dictatorship. Any reasonable historian or even person there at the time will tell you this. The literal Premier himself didn't even deny it.
> If someone wanted to leave the GDR, were they able to?
Why do you think that has anything to do with whether it is a dictatorship?
Not having free elections makes it a dictatorship (or at least not a democracy). Not allowing people to leave makes it a shitty place to live, but that is separate from if its a dictatorship.
> Not having free elections makes it a dictatorship
There is a good sign that your free elections aren't when you have 99% percent approval rating on every election. A sharp drop in approval ratings once you no longer control the elections directly may also be indicative of problems with your implementation of democracy.
They were a communist single-party system, with properly rigged elections, leaders handpicked by Moscow from the finest Moscow communism schools and a watchful oversight from Moscow. Not just the citizens were kept in line with the rest of the communist block by troops from other communist states, that applied to the leadership as well. Prague spring was the czech leader Dubĉek trying to introduce reforms, angering Moscow, who then invaded and put a stop to that reform nonsense...
The GDR was a dictatorship good and proper. They just avoided giving the impression of having a single leader by speaking through the politbureau. And the local dictators were controlled by the ones in Moscow.
But jokes aside: if a very small elite clings to power and doesn't allow free elections, doesn't let people live in freedom, even kills them if they try to leave, and eventually is overturned by the people, these are all signs of a "lupenreine" dictatorship, no?
A fair point, despite the downvotes. The DDR could correctly be described as a one-party state, a totalitarian regime, or a puppet state of the USSR, but not a dictatorship. Some good evidence for this is that you can't (without Wikipedia's help or a very serious background in European history) name a single leader of the state, the dictator.
I don't think this is just a pedantic point. It's good to push back against the labelling of "everything you don't like" with the most convenient wrongthink labels: see the trend towards labeling $BAD_THINGS as communism, terrorism, or more fashionably these days, fascism.
If you look up definitions for dictatorship, few insist on the single leader (vs a group of people) and quite a few explicitly include a party as the group wielding power.
How would "random" bag checks be milder than video surveillance?
- They're typically not going to be watching it 24/7. They'll only look at the tapes if something occurs.
- Random bag checks, like in programming, is not really random. You either have a particular target or type in mind or you apply it to everyone and bag checks are a lot more invasive than video surveillance.
> They're typically not going to be watching it 24/7. They'll only look at the tapes if something occurs.
This is the kind of tortured thinking that lets The NSA look a judge in the eye and not laugh out loud as they say "Bulk internet collection is not 'surveillance' and so it doesn't require a warrant. It's only after we've keyword searched the data and then have a agent look at the returned results that it becomes 'surveillance'."
I'm sorry but words have meanings, and you don't get to make up your own meanings just because the law prohibits you under the well understood meaning of a word.
Video recording your employees 24x7 is creepy and wrong, no matter whether you never view the recordings or not.
Speaking as someone who worked at an electronics retailer (many years ago), I would prefer the video surveillance over the constant searches.
You shouldn't be so quick to accuse someone of tortured thinking. From HN guidelines: "When disagreeing, please reply to the argument instead of calling names. "That is idiotic; 1 + 1 is 2, not 3" can be shortened to "1 + 1 is 2, not 3.""
> Speaking as someone who worked at an electronics retailer (many years ago), I would prefer the video surveillance over the constant searches.
You probably would prefer neither over both. This case only says that doing constant video surveillance without sufficient cause is illegal. It doesn't say anything about the legality of constant searches without sufficient cause either, just that it may have been a better solution if they actually had a cause.
Where did you pull this from? It's random searches, occasional, and only if there's enough theft happening to justify it otherwise the searches would be illegal too.
I consider random bag checks way more invasive than constant video surveillance. With video surveillance I know where it is and the contents of my bag will remain private. If my employer could do a ransom bag check on me then I would have no such guarantee.
> How would "random" bag checks be milder than video surveillance?
>
> - They're typically not going to be watching it 24/7. They'll only look at the tapes if something occurs.
And they can claim they didn't watch it at all? Total surveillance without specific reason and without information and consent is exactly what the law is trying to prevent.
> - Random bag checks, like in programming, is not really random. You either have a particular target or type in mind or you apply it to everyone and bag checks are a lot more invasive than video surveillance.
And that's the whole point. If there's a reasonable suspicion that someone stole something, they can ask to check the bag. The Person has the right to refuse that his bag be checked by company employees and ask to involve the police.
They can also fire you. Even in countries with stronger employee protection laws, not complying with office building rules is probably sufficient grounds for termination.
I am in France, and we have strong employee protection laws.
The interesting part is that your boss can't do much if he suspects theft besides calling a criminal investigation. I.e. it is difficult to fire an employee for that.
However, when safety is involved, things change. You can get fired for unboxing with the wrong knife. It is actually a side effect of employee protection laws. The employer is responsible for the safety of his employees, and if the employer have set rules for that purpose, not only he can take serious action if they aren't followed, but he has to, otherwise in case of an accident, he may be found responsible if the rules are not enforced.
So if you really want to fire someone, the best way is to argue that he is putting himself or others in danger. It includes hygiene concerns.
> - They're typically not going to be watching it 24/7. They'll only look at the tapes if something occurs.
Didn't we just have an article a few days ago about Google automating everything, and having absolutely meager human level support?
When (not if) those "Video Surveillance AI tools" come out, and can be hooked to a video surveillance system for 'automated anomaly detection', will they just be used as probable cause because some programmer with a classifier thinks you're at fault?
It's not hard to extrapolate 1 step into the future. Even Kroger and Walmart are doing that here. If an "anomaly" (aka: assumed theft) occurs, then flag a attendee to come over.
The issue with video is that you never know who might be watching or even how long it is kept or what it is used for. It can even be used days/weeks/months later to find evidence against an employee, say to nit-pick scenes and use them against the employee (e.g. to fire someone). This also offers a huge asymmetry as of course the employee themselves have no acces to the video.
People in charge of cameras watch them. The waving off that “it’s too much to watch” is BS. The security risks associated with boobs are well investigated. They are frequently used for various abusive behaviors.
Random searches can be done effectively if they are truly random. Usually effective pilfering is done by employees who wouldn’t be tagged as a thief.
They put a device in the exit door that beeps randomly on your way out, if the device beeps you get a bag search.
That’s how it is random.
It’s milder because you get in trouble only if you have something in your bag that’s not supposed to be there and since it’s random you don’t feel targeted.
Speaking for myself, a bag search is a lot for invasive feeling than video surveillance. If I'm in a break room or another shared space at work, I already have an expectation that people are looking at me.
Since I already expect to be seen, one more person looking at me isn't a big deal. My public appearance is public, but my private things in my bag are not. It's incredibly uncomfortable (and IMO demeaning) to have someone examining the extra pair of underwear in your gym bag or skimming through your journal looking for proprietary info.
Surveillance isn't the same as a person looking at you, especially with 60 days retention.
They would (presumably) not be allowed to read a journal for the purpose of theft detection. And if you would be made uncomfortable by something you brought to work, and it wasn't required for your job, you could leave it in a vehicle or at home. Sure, being able to bring it into work might be a personal convenience, for example if you take public transport and wanted to go to the gym before, during, or after work - but it's a choice. It isn't possible to opt out of surveillance.
how can you not have random bag checks? It could be as simple as every nth bag, or everyone one day a year, or rolling a die for each person and a 2 means you get searched. This is not the same problem as police using racial profiling. Mexican customs does something similar and I'm pretty sure they're not picking out the whitest tourists.
Why is video surveillance a problem? It seems to be most efficient at protecting employees from being falsely accused & spares from witch hunting. It also helps prevent crime for society. If privacy is the concern, then regulation should be about proper viewing rights and storage control, not shooting down surveillance entirely.
It is about the feeling of being monitored (and eg not trusted). A camera can also be used to punish you for being human (eg falling asleep for a second... Stupid example) instead of being a machine like your contract expects.
This argument is the same one why nobody should be scared of a police search since you have not done something wrong. It is a consequence of privilege.
The difference is that a camera can only see what another person could see if they were to observe you. A search will also see things that you didn't expect other people to see.
Because employers can prevent employees from recording them, but not vice-versa.
An imaginary world, where everyone is allowed to wiretap everyone non-stop, might be fine. But in the real world such ability is hindered by the morals, right of private property and major imbalance of power between people. As such, it is better to explicitly whitelist the few select cases, when surveillance is permitted — lest the society engages in race to the bottom, where every employer will try to give their workers as little privacy as possible.
I'm not sure what you mean by "employer can prevent employees from taping them." Do you mean you assume management corner offices are not taped? That's a problem with corporate culture, not video surveillance.
I still don't see a problem with video surveillance, with full disclosure and proper access controls. What difference is there with police getting a warrant to search your house?
Having grown up in an area with an abundance of crime I prefer to live with the surveillance of public spaces. I'd wager that opinions on surveillance highly correlate with exposure to crime.
I've heard that cameras aimed at cash registers are quite effective at stopping employees from stealing. From my observations of where cameras in shops are pointed, that seems to be their primary purpose.
Isn't that redundant with modern cash registers? You know what amount of money was in it at the start of the day, you know what was sold, you know what was in it at the end of the day. Any difference between is and should would be quite visible without pointing a video camera at the employee the whole day.
Well no. If a customer pays with cash, a cashier can take payment for something without actually ringing it up. The sale never enters the computer system. Even if you audited the shops inventory, you'll nearly always discover some products are missing, but that doesn't prove employees have been stealing; shrinkage has a variety of causes (shoplifting, damage, was never actually delivered, etc.)
Regardless of theory, pay attention to where cameras in corner shops are pointed and I think you'll see what I've often seen: the cameras are primarily positioned to watch employees.
To be fair, registers aren’t used exclusively by one employee. At grocery stores, when someone goes on break, someone coming back might take their spot. That happens multiple times a day. And for restaurants, almost every employee uses the same few registers.
The only way to know who is stealing is to either watch the drawer or to count the cash every time the employee walks away. Of course, most places go with the former as the latter is too time intensive (especially during a rush). The better solution (IMO) is to just count at the end of the day, and if there’s a discrepancy, mark it down. If it happens multiple times, you can compare who was at that register for each of those days and narrow it down.
> The only way to know who is stealing is to either watch the drawer or to count the cash every time the employee walks away.
At least in the grocery stores I frequent (Bay Area), the employee takes the drawer with them when they walk away (usually shift change) - clearly another option. I think they sign in/out too, so the drawer and the transactions are connected.
That is true, and is also a big reason why around here even pre-Covid smaller shops (cafes etc) have been going cash-free (their other being they hate bing robbed). The big exception is always the barber shops.
And then you have people storming the Capitol not wearing masks, live streaming their crime, and shouting their name (even politicians did it[0]) We don’t need surveillance when the criminals are already idiots.
I'd like to disagree. I think an employer (or any person) has a right to place a video camera any place on their property they could otherwise hire a person to sit and watch. This person can see things and testify to them, essentially functioning as a meat video camera. Why do employees expect not to be seen by their employers in working areas? or public break rooms?
How is placing a camera different than hiring an overseer?
Yeah, but then all other warehouses have cameras too. Well, the warehouse worker can always choose to become homeless I guess? Seems to be a fair deal in your world.
In germany it is even illegal to have a doorbell with a (fake or not) camera because of the monitoring of the public space in front of it (like the street) since it gives you the impression you are filmed.
Is the problem is the surveillance or the lack of consent?
Amazon had a problem where they charge employees for the spent doing bag searches. If rather be video-recorded (temporarily) than wait in a bag searches line.
The problem is surveillance. Consent is a meme. People who work in warehouses don't get to shop among a dozen different employers like software engineers in the valley.
>Also bag-searches seem more invasive than video.
Then don't do either. Or only do some random searches or when you're suspecting someone of having stolen something. Treating employees like thieves by default is nuts. We don't accept petty theft as a justification for mass surveillance outside the workplace so we shouldn't accept it inside the workplace either.
Petty theft is absolutely used as the reason for mass surveillance outside the workplace.
The majority of the cameras that I see on a daily basis are for petty theft. So much so that it’s a given in my head that a retail environment will be under video surveillance
You are choosing to work for a company. If the company wants to record you while you do your job that can very well be part of the contract you accept when starting to work.
Most of the offices I've worked at had surveillance, the supermarket I buy food from has surveillance, the shopping malls I visit have surveillance.
Nobody is forcing you to go there and feel free to start your competing series of offices / supermarkets / shopping malls without surveillance; check if the market care instead of assuming this is what people want, before legislating and imposing regulations and fines.
Thought experiment: there are two men standing in a room. One holds a loaded gun aimed at the other’s chest, his finger on the trigger. He tells the other man to bite off all his fingers or die.
The man on the other end of the gun certainly has a choice, and a negotiating position—they just aren’t very good ones, through no fault of his own.
I personally would prefer to live in a society where those with power don’t have moral carte blanche to treat those without power as badly as they like, as long as the unfortunates are technically given choices and/or some articulable market forces can reasonably be said to have been causal contributors to the current configuration of their reality. But I guess a lot of people, particularly people used to having power, may not agree with my preference.
Consent basically doesn't work as a basis in employment situations, because it's almost impossible to argue that an employee is guaranteed to not be disadvantaged if they do not consent.
>Is the problem is the surveillance or the lack of consent?
You've got to look at the context. That type of surveillance happens where there's a massive power imbalance between employer and employee. Is the consent of someone who's at the bottom of the wage ladder and doesn't have an actual choice valid consent ? In Civil Law it certainly isn't.
I worked for NBB as an Android Engineer about 5 years ago. While refactoring the analytics / tracking services (5 different providers in the app), I noticed that customers credit card data was leaking to analytics providers. I informed my PO about this, but he decided that this wouldn't be worth the effort fixing. I left the next day.
As a software engineer (or similar), there are quite a few options for Europe. First, you need to understand that your salary will likely be lower, but your overall quality of life will probably not chage. Second, look into national visa programs which are oriented on demand, often in the "EU Blue Card" category: Often, if the job title is right, and the salary is high enough, you can get priority access.
Other than that, try and enjoy the adventure. I've been in Germany for almost ten years now...
Either you marry someone, find an employer happy to sponsor you or buy a residency - the cheapest is Latvia at 300k$ (you invest in real estate). Once you spend 5 years in the country you can become a citizen and you can move wherever you want in EU or get a job without visa sponsorship.
It's generally easier than going EU -> US, from my peers' experience.
From which country? US citizen get special priority when they move to Germany, in reality that means that I never heard of any US citizen having any kind of problem emigrating to Germany (and my wife is an immigration attorney).
It does depend a lot. Where I live there are many expats who haven't learnt anything beyond the basics of the local language, and get along fine in English. Even a lot of government departments here will send letters in both languages.
No, this fine would go to the state. But if the fine holds up in the courts, employees stand a good chance to bring civil damages, in a separate claim.
I do not think so. Not a law expert, but beyond emotional damage (which is not a thing in Germany) there is nothing the employee need to be compensated for.
It is a crime and the state fines the company for breaching the law.
That is untrue. German civil law grants monetary compensation to a person whose personal rights have been unlawfully infringed upon (immaterial damages, §253 BGB).
Money goes to the state, which is outright alien to me. The fact that the company pays a fine totally makes sense to me. But the country getting the money and the employee just getting their "right" is a major flaw in this system from my point of view.
You need to compensate these people... at least a little bit.
Fines going to the state in Germany is actually a problem imho. The damages you can expect for this are laughable, 40k is a typical payment to the family for wrongful death (cost of burial plus anguish). For video surveilance at the workplace you can expect a few hundred bucks at most, if the court even takes the case and doesn't dismiss it outright as minor.
If there were punitive damages awarded to the victims, a lot more illegal behaviour would be properly prosecuted. Officials like the state data protection officer are intentionally understaffed, so they only prosecute the most egregious problems. Private citizens and their attorneys could take up the slack if it were financially viable.
That sounds like a highway towards a system where only the ones who can afford (in terms of time and many) persecution get justice. With a nice dose of second order effects you usually get from a "everybody sues everybody for everything because you may get rich system". Reminds me of a certain "justice" system on the other side of the pond.
The solution to weak law enforcement is to give more power to the law enforcement, not to a selected class of privileged people.
>Officials like the state data protection officer are intentionally understaffed, so they only prosecute the most egregious problems. Private citizens and their attorneys could take up the slack if it were financially viable.
I can assure that this is not an issue for Germany. If anything they are overstaffed based on the false and egregious bullshit I have had to pay lawyers to get overturned.
Giving money to the victim is a bad idea because it does nothing to prevent this crime in the future (taking money from perpetrator does that) but it creates perverse incentive for people to pretend to be victims of similar crimes and engage costly justice system in hopes they can get some money.
Then you have to balance it out with harsh punishments for unsubtantiated lawsuits but that could sometimes affect legit victims that were just short of evidence. It's better to not have the problem in the first place.
It would be better to just burn the money then to give it to the victims.
Victim separately could prove what actual harm was done and request support, but this should be completely separate process ideally financed separately, that disregards how rich is the perpetrator or how severele he violeted the law.
Same way money from fines shouldn't land anywhere near the cops that give the fines because this creates perverse incentive.
Wait, do the police and public prosecutor in your country personally receive the money from fines resulting from their prosecution of crimes like this one?
In Germany, fines go to the general state or federal budget, not the police budget.
The only thing where there is a really obvious wrong incentive are parking violations, those go to the community, the community prosecutes and sets the local parking regs. So that, along with speeding tickets inside city limits (in parts), is a money-printing business for them.
At least smaller Communities are very much restricted what they can do with regards to speeding. That's the reason why there are posts everywhere which show your actual speed instead of giving a ticket.
I’m in the UK. The fines go to the Treasury, so the central purse.
If fines were distributed to the public and the ICO collected zero income, I believe the political will do finance it would disappear. I was not suggesting officers themselves would change priorities based on individual pay outs, sorry for the confusion.
I am wondering if NVidia is going to drop NBB as their exclusive Founder Edition distributor now. I wouldn't be suprised if NBB went bankrupt after this (HW margins are super low).
I'm quite certain I've seen at some point on HN a paper to the effect of workplace surveillance and paranoia being actively detrimental to productivity. Plus there was that story about surveillance-as-a-feature being put into Office 360 a short while back.
That's weird. There was some research that people behave more morally when they think they are being observed. Even if they see themselves looking at themselves in the mirror.
Behaving morally and doing useful work aren't the same thing. Imagining Jesus is behind my shoulder might make me question my need for masturbation, but it sure won't help focusing on code.
I see a lot of mentions of GDPR in the comments, but the fact is that the sensitivity of personal information is an older mindset(not only a law) in Germany.
It is called "Datenschutz", and you see people proactively adhering to it, needed some time as a foreigner to get used to how rigorously they apply it, but when I got used to it, felt "safer" knowing whoever handles my data, knows how sensitive it is.
A newer term being heard more often is "Datensparsamkeit". Id est only saving the absolutely necessary amount of data such that extensive surveillance and data abuse isn't possible.
The government will use the money as it sees fit. You don't like what your government spends money on? Don't vote for the ruling party at upcoming elections. That laptop website had a turnover of 879 million Euro in 2018, btw. They'll probably manage. Your priorities are weird, though. "How will the criminal entity cope with the consequences of their unlawful actions?"
The legal framework is rather easy (and hasn't changed with GDPR, as far as I can tell): video surveillance is generally illegal. There are specific circumstances where it is legal, and those tend to require two things:
- there needs to be some "risk" that is higher than usual, and where video surveillance can make a difference.
- it's extremely hard to justify surveillance of spaces where people regularly spend long amounts of time, such as their workplace.
Generic offices fail both tests: what, exactly, are you looking for? Stapler thefts? And, at the same time, the intrusion is rather is far more significant than, say, a public transit station that you pass through.
Exactly. To add crimes and punishment have to be in balance. Stealing staples or calling a cop a name cannot bring you in prison in Germany. Same is applied here: you are in fear of loosing $10k/y in warehouse to theft... Not a rationale to steal legal rights from 20 workers.
I'm not sure I follow/agree on blanket surveillance of a workplace... Would this translate to a bank as well? Having a recording of an armed robbery or theft during daily count would come in handy as probably often does. If that's alright for a bank, how's this different?
In the way it's described in the article? yes, that very likely wouldn't fly in a bank as well. Banks do have video surveillance, but with more restricted terms, e.g. clear information which areas are monitored, risk assessments which areas justify being monitored, restricted recording (i.e. only very short-term storage that needs human intervention to be preserved), processes around when and through whom recordings can be accessed at all, ...
Banks are high-risk, and video surveillance is longstanding practice and generally fine.
BUT I believe it is required to face the customer area (and, therefore, film employees mostly from the back). There's also usually a "pit"-like work area that's employee-only and I would imagine that's out of bounds, as well.
Having stricter data privacy regulation in the EU is good.
But I'm getting the impression that the authorities prefer to look into local companies where "easy wins" can be had - like in this article.
Let's get this straight: I think the video surveillance here was not okay.
But - shouldn't the authorities rather pursue things which matter more, i.e. maximising the impact of (number of humans affected * magnitude of effect)? The WhatsApp <> Facebook data sharing situation comes to mind. Or the recent change of their privacy policy.
There's lots more. I feel that big (SV) tech companies have much more leeway than local companies, simply because their probability of being fined is lower.
And on every headline about an SV company being investigated there are complaints that they are unfairly targeting them and not do enough about local companies.
Big companies are investigated, but a) for more nebulous cases the processes take longer, b) rules to avoid parallel investigations in many places also apply to the tech companies, which takes time for international coordination and somewhat restricts local agencies from acting against them (which is a bit of a loophole, or at least delays it further - see the various Schrems cases against Ireland), c) Whatsapp/Facebook have backed off from some things in Europe already due to previous investigations and agreements around the aquisition.
Pretty much everyhwere, the privacy agencies are working on extremely limited resources, and can not address everything at once. (Yes, this is a problem)
I don't think they're not doing both. Also, the probability of getting fined might be lower, but when Facebook gets fined it won't be for 12.7 million.
At least in case of Germany, the article presents their approach:
"Germany’s federal and regional data protection authorities have been keen to focus on steering organizations away from “common” privacy violations under the GDPR—such as video monitoring, cold-calling, etc.—rather than pursuing record fines. Regulators feel such an approach creates a greater understanding of what privacy means and how the GDPR impacts people and work on a day-to-day basis."
I imagine similar thinking applies in other EU countries. Though I sure wish they'd deal with the telemarketers and websites with GDPR-non-compliant GDPR forms already!
The problem is that if you only fine the big tech companies, the small companies will just don't bother with the GDPR. What we need is more people working on GDPR cases.
> However, in order to prevent theft, a company must first use “milder” methods, such as random bag checks when employees leave the premises. Moreover, the LfD said video surveillance is only lawful if there is “justified suspicion” against specific persons, and even then, video monitoring may only be used for a “limited” time.
> The data authority found NBB’s video surveillance was neither limited to a specific period of time nor to specific employees. The recordings were saved for 60 days in many cases. Customers were also filmed in seating areas without their knowledge or consent.
> The regulator said “the allegedly deterrent effect of video surveillance, which is repeatedly put forward, does not justify a permanent and unprovoked interference with the personal rights of employees” in a translated press release.
> “We are dealing with a serious case of video surveillance in the company,” said Barbara Thiel, head of LfD Lower Saxony, in a translated statement. “Companies must understand that with such intensive video surveillance they are massively violating the rights of their employees.”
> Thiel added video surveillance is “a particularly intensive encroachment on personal rights” because it can pressurize employees “to behave as inconspicuously as possible in order not to be criticized or sanctioned for deviating behavior.”
Finally! It always amazes me how computer monitoring and video surveillance at the workplace have become so widespread.
Also, the idea of focussing on widespread breaches of the right to privacy is a great one. It helps spread a better understanding of the meaning of the right to privacy.