Search

How can we help?

Icon

£32.1m fine for employee surveillance

Following an investigation by the Data Protection Authority of Hamburg, fashion retailer H&M has been fined the equivalent of £32.1m for surveillance illegally monitoring of its employees.

The German data protection watchdog discovered that the company was keeping excessive records on hundreds of employees based in their Nuremburg service centre. This included details of holidays, medical symptoms and diagnoses, family issues and religious beliefs. It has also been alleged that these intimate and highly sensitive details were, in some instances, being used by management to evaluate work performance.

In the last 12 months there have been a string of high-profile fines against companies for breaches of the legislation. Last year, Google was fined by the French data protection regulator for breaching GDPR, Marriot International were fined by our own Information Commissioner’s Office for insufficient data-security systems, and PWC were fined by the Greek data protection authority for unlawful processing of employee data. GDPR is now well into its second year yet many companies continue to give inappropriate weight to data protection and underestimate the significance of the information they process.

In the last 12 months there have been a string of high-profile fines against companies for breaches of the legislation.

The fine should come as a stark warning. Data Protection regulators are becoming more active and aggressive in their stance against data breaches. Head of the HmbBfDI, the German regulator, hopes that the size of the fine will “scare off companies from violating people’s privacy”.

Disclaimer
This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full General Notices on our website.

Author profile

Get in touch

+44 118 958 5321

About this article

  • Subject
    £32.1m fine for employee surveillance
  • Author
  • Expertise
    Employment
  • Published
    07 October 2020

Read, listen and watch our latest insights

art
  • 20 February 2026
  • Corporate and M&A

EMI Schemes – following the 2025 Autumn Statement

In an economic landscape where attracting, retaining and incentivising key employees is key to commercial success.
art
  • 19 February 2026

Clarkslegal’s international legal alliance TAGLaw achieves top “Elite” – Band 1 ranking by Chambers & Partners 2026

Clarkslegal’s international legal alliance, TAGLaw®, has again been recognised by Chambers & Partners as “Elite – Band 1” for 2026—the highest ranking awarded to legal networks and alliances.
art
  • 17 February 2026
  • Employment

The Employment Rights Act – A shift in power: why employers will face greater pressure from industrial action and union relations in 2026

Substantial union-related changes under the Employment Rights Act 2025 will take effect on 18 February 2026, ushering in significant shifts in the legal landscape for industrial action in the UK.

art
  • 16 February 2026
  • Immigration

High Potential Individual Visa (HPI Visa) – UK Immigration Route

The High Potential Individual (HPI) visa is a UK immigration route designed to attract recent graduates from top-ranked international universities.
art
  • 13 February 2026
  • Employment

Businesses Prepare for Stronger Trade Union Rights: Monica Atwal Comments

The new trade union rights introduced by the Employment Rights Act 2025 will come into force on 18 February 2026. These changes are expected to make strikes easier to organise and will extend protections for striking workers. Monica Atwal comments on the implications of these reforms in People Management magazine.
art
  • 12 February 2026
  • Privacy and Data Protection

Love is in the air: Is it data at first sight?

As we enter the week of Valentine’s Day, it is important to recognise the significance of data security, particularly where we have seen the number of cybersecurity breaches increase over the last few months.
See More