A Challenge to Intrusive Workplace Monitoring
by Philip
Mattera, director of the Corporate
Research Project
for the Dirt Diggers Digest
Those who toil at computers have their keystrokes measured and evaluated, while others are monitored via handheld scanners or other devices.
U.S. corporations think they have every right to use these techniques in the pursuit of maximum output and higher profits. As Amazon.com has just learned, that may not be so easy when it comes to their European operations.
The e-commerce giant was just fined the
equivalent of $35 million for employing an “excessively intrusive” system of
electronic monitoring of employee performance at its warehouses in France.
The French Data Protection Authority (CNIL) said it was illegal for Amazon to measure movements of workers to such an extent that they would have to justify every moment of inactivity. CNIL condemned Amazon not only for using what it called “continuous pressure” but also for retaining the monitoring data for too long.
CNIL’s case was based on the European law known as the General Data Protection Regulation (GDPR), which includes a principle largely unknown in the United States: data minimization.
Americans are used to giving up vast
amounts of personal information to corporations. In Europe, companies are
supposed to restrain their data appetites.
That message has not gotten through to American firms operating in the EU, especially the tech giants. Meta Platforms, the parent of Facebook, has been fined more than $5 billion for GDPR penalties—far more than any other company.
Alphabet Inc., parent of Google, has racked up over $900 million in
fines. Even Amazon has previously run afoul of the law. In 2021 it was fined
over $800 million for misusing the personal data of customers. An appeal is
pending.
What is relatively unusual about the latest fine against Amazon is that it involves GDPR violations in the relationship between employers and workers, as opposed to companies and their customers.
Employment-based cases
are not unheard of. In fact, Amazon itself was fined over $2 million for
improperly doing criminal background checks on freelance drivers.
What makes the new case even more remarkable is that it concerns
not only personal information but also the labor process. The CNIL’s challenge
to Amazon’s monitoring is a challenge to its ability to control what workers do
every moment they are on the job.
By restricting intrusive employee monitoring, the GDPR is being
used to shield workers from the worst forms of exploitation. And because
excessive monitoring pressures workers to do their job in an unsafe manner, the
law also protects against occupational injuries. In other words, it is
challenging management domination of the workplace.
It remains to be seen whether the CNIL and the other agencies
enforcing the GDPR in Europe go after other employers engaged in intensive
monitoring or if they treat Amazon as an outlier requiring a unique form of
enforcement. For now, at least, the CNIL has shown the possibility of using
privacy regulation to enhance the liberty and well-being of workers.
