Did H&M spy on its German employees? Privacy watchdog opens an investigation

A German privacy watchdog is investigating into clothing retailer H&M because it was allegedly spying on its customer service representatives in Germany.

Hamburg’s data protection commissioner has launched an investigation into Swedish clothing retailer H&M (Hennes & Mauritz) amid evidence that the company was spying on its customer service representatives in Germany.

According to the German privacy watchdog, a hard drive containing about 60 gigabytes of data revealed that superiors at the site in Nuremberg kept “detailed and systematic” records about employees’ private and sensitive data.

“Hamburg’s data protection commissioner said in a statement Monday that a hard drive containing about 60 gigabytes of data revealed that superiors at the site in Nuremberg kept “detailed and systematic” records about employees’ health, from bladder weakness to cancer, and about their private lives, such as family disputes or holiday experiences.” reads a post published by the Associated Press.

Johannes Caspar, the state data protection officer in Hamburg, said the records demonstrate a massive surveillance activity on employees. The records were accessible to all company managers.

“In fact, there was a massive spying out of the employees at the location in Nuremberg,” said Caspar of the German Press Agency. “This has resulted in a significant evaluation of the reports available to us.” 

The situation is very severe for H&M that in response said in a statement that it takes the case “very seriously” and expressed its “honest regret” to the affected staff.

“The qualitative and quantitative extent of the employee data accessible to the entire management level of the company shows a comprehensive research of the employees, which has not been comparable in the past few years,” added Caspar. “It is also health data of those affected, from bladder weakness to cancer, as well as data from people in their social environment, such as family disputes, deaths or holiday experiences.”

The company said that it is offering full cooperation with data protection officials, it also added that its managers had already taken urgent measures in response to the incident.

In the coming weeks, the data protection officer would decide the fines for this case. Let’s remind that according to EU GDPR law, H&M could face a fine of four percent of global annual sales.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – H&M, privacy)

[adrotate banner=”5″]

[adrotate banner=”13″]