H&M Fined $41 Million for Violating Workers’ Privacy

 

After being accused of violating workers’ privacy, H&M has been fined. 

Since at least 2014, several hundred employees of H&M have had their details recorded by the Swedish-based chain, according to the Data Protection Authority of Hamburg who has levied the fine of 35 million euros (the equivalent of $41.1 million U.S. dollars).

The Problem

The German watchdog claimed the information included “extensive records of private living conditions.” This includes religious beliefs and medical diagnoses of the employees who had worked at the Nuremberg location of the fashion retail chain. Managers unethically used this information when they were making decisions about employment or evaluating work performance. 

Commissioner Dr. Johannes Caspar released a statement saying, “The present case documents a serious disregard for employee data protection at the H&M site in Nuremberg. The amount of the fine imposed is accordingly appropriate and suitable to deter companies from violating the privacy of their employees.”

In October of 2019, the data collection was exposed and led to an error where the sensitive information was accessible for several hours across the company. Since the introduction of the European Union’s newly introduced General Data Protection Regulation in 2018, this is the second largest fine that has been brought against a company that breached data. In 2019, Google was hit with a 50 million euro (or $57 million) fine in France.

The Response

H&M is attempting to rectify this very public situation by apologizing and offering compensation to the impacted staff members. The company went public with a post on their website in which they ensured customers that they were in compliance with the GDPR along with staff changes at the Nuremberg location. Additionally, the company has appointed a data protection coordinator and added additional data privacy trainings for employees.

The company wrote, “The H&M Group strictly adheres to laws and regulations stipulated by the relevant data protection authorities, as well as the company’s own high standards.”

In a statement issued by the Hamburg commissioner, he commended the company saying, “The efforts of the group management to compensate those affected on site and to restore trust in the company as an employer are expressly to be rated positively. The transparent information provided by those responsible and the guarantee of financial compensation clearly show the willingness to show those affected the respect and appreciation they deserve as employees in their daily work for the company.”

The Future

The future of H&M appears to be bright. With the aforementioned statement in support of the fashion retailer, there is no reason that the company should have problems successfully rising above this data breach. The company’s willingness to compensate the affected employees as well as their desire to ensure that future staff is better trained shows that the company is prioritizing keeping their employees and customers happy. 

Currently, the company is committed to being more sustainable. They want to bring the future of fashion forward by creating a more conscious brand that is committed to protecting the environment.