Search

How can we help?

Icon

£32.1m fine for employee surveillance

Following an investigation by the Data Protection Authority of Hamburg, fashion retailer H&M has been fined the equivalent of £32.1m for surveillance illegally monitoring of its employees.

The German data protection watchdog discovered that the company was keeping excessive records on hundreds of employees based in their Nuremburg service centre. This included details of holidays, medical symptoms and diagnoses, family issues and religious beliefs. It has also been alleged that these intimate and highly sensitive details were, in some instances, being used by management to evaluate work performance.

In the last 12 months there have been a string of high-profile fines against companies for breaches of the legislation. Last year, Google was fined by the French data protection regulator for breaching GDPR, Marriot International were fined by our own Information Commissioner’s Office for insufficient data-security systems, and PWC were fined by the Greek data protection authority for unlawful processing of employee data. GDPR is now well into its second year yet many companies continue to give inappropriate weight to data protection and underestimate the significance of the information they process.

In the last 12 months there have been a string of high-profile fines against companies for breaches of the legislation.

The fine should come as a stark warning. Data Protection regulators are becoming more active and aggressive in their stance against data breaches. Head of the HmbBfDI, the German regulator, hopes that the size of the fine will “scare off companies from violating people’s privacy”.

Disclaimer
This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Author profile

Get in touch

+44 118 958 5321

About this article

  • Subject
    £32.1m fine for employee surveillance
  • Author
  • Expertise
    Employment
  • Published
    07 October 2020

Read, listen and watch our latest insights

art
  • 23 October 2025
  • Employment Rights Bill

Government launches Employment Rights Bill consultations – key changes employers need to know

The Employment Rights Bill is a draft law set to significantly expand workers’ rights. The Government has now launched the first round of consultations.
art
  • 23 October 2025
  • Privacy and Data Protection

AI and Data Protection – Is Fair and Transparent Privacy Possible?

We live in a digital world. Every facet of daily life is governed to some degree by phone, web or some form of connected technology.

art
  • 16 October 2025

Chambers and Partners 2026: Clarkslegal’s continued commitment to excellence

Clarkslegal is delighted to announce that we have once again been recognised by Chambers and Partners as a leading firm in their 2026 guide.

art
  • 15 October 2025
  • Immigration

Registering a child as a British Citizen: A guide to section 3(1) applications

This article explains the process of registering a child as a British citizen under section 3(1), including the eligibility criteria, the Home Office approach, and key factors that influence whether an application is approved.
art
  • 15 October 2025
  • Commercial Real Estate

A commercial lease in England: a few essential points to consider

Thinking about a commercial lease in England? Whether your lease is short or long, here are five essential clauses to keep in mind during negotiations.
art
  • 13 October 2025
  • Privacy and Data Protection

AI and Data Protection: key legal developments in 2025 – 2026

The rapid integration of artificial intelligence into the workplace continues to reshape how organisations manage data, recruitment, and decision-making. Alongside this technological shift, UK and international regulators are introducing new legal frameworks designed to balance innovation with accountability.
See More