Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy & Compliance

Amazon’s French Warehouses Fined Over Employee Surveillance

France’s data protection agency fines Amazon’s French warehouses unit 32 million euros ($34.9 million) for “excessively intrusive” employee surveillance system.

France’s data protection agency said Tuesday that it had fined Amazon’s French warehouses unit 32 million euros ($34.9 million) for an “excessively intrusive” surveillance system to keep track of staff performance.

Amazon France Logistique monitored the work of employees in particular through data from scanners used by the staff to process packages, according to the agency, known by its initials CNIL.

Scanners alerted management of inactivity exceeding 10 minutes or the handling of packages and parcels “right up to the second”, the CNIL said in a statement.

One surveillance method targeted by CNIL was the use of so-called “stow machine guns” to note if an article was scanned “too fast”, or in less than 1.25 seconds.

It said workers were under constant pressure and had to regularly justify absences. Even the time between the employees’ entry into the warehouse and the start of work was monitored.

The agency added that they were not adequately informed about the surveillance, with the data kept for 31 days.

The surveillance was deemed in contravention with the EU’s general data protection regulation (GDPR), which imposes strict rules on companies for obtaining consent on how personal information is used.

The fine was equivalent to about three percent of the annual revenue at Amazon France Logistique, which reached 1.1 billion euros in 2021, for a net profit of 58.9 million euros.

Advertisement. Scroll to continue reading.

Several thousand employees were affected by the systems, said the CNIL, which had opened its inquiry in 2019 following media articles and complaints by workers.

The watchdog said the fine was “nearly unprecedented” and not far from the CNIL’s maximum four percent of revenue.

An Amazon spokesman said the company rejected the findings as “factually incorrect and we reserve the right to appeal”, adding that such systems were needed “to guarantee security, quality and efficiency”.

The company employs around 20,000 people overall on permanent contracts in France, with the warehouse workers spread over eight massive distribution centres.

David Lewkowitz, president of Amazon France Logistique, told AFP during a visit at its warehouse near Douai in northern France this month that the management tools were necessary for the precise handling of the tens of thousands of packages that move through the centres each day.

The “stow machine guns”, for example, aim to ensure that employees are properly checking items for damage or other problems before they are scanned for shipping “in a manner that conforms with safety rules, in particular by ensuring proper postures”, Amazon said in its statement.

Measuring “idle time”, meanwhile, was not to control a worker’s every movement but to ensure that any supply chain anomaly is quickly investigated and rectified.

But Amazon said that in response to the CNIL’s findings it would deactivate the ability of the “stow machine guns” to signal handling speeds, and extend the “idle time” warnings to 30 minutes from 10.

Related: France Fines Yahoo 10 Mn Euros Over Cookie Abuses

Related: France Regulator Raps Apple Over App Store Ads

Related: France Punishes Clearview AI For Failing To Pay Fine

Written By

AFP 2023

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...