GDPR information obligation hit by a knife

GDPR information obligation hit by a knife

Mar 31, 2024 Isabelle Renard

By a judgment handed down on February 14, 2024 (Social Chamber, No. 22-23.073), the Court of Cassation undermined the supposedly absolute nature of the right of individuals to be informed of the processing of personal data concerning them.

In this case, video surveillance installed in a store allowed the employer to highlight thefts from the cash registers carried out by an employee.

The surveillance process was clearly unlawful: no prior information of employees in accordance with the Labor Code, no declaration to the prefecture, and insufficiently detailed information of employees with regard to the legislation protecting personal data (in force at the time of the events but substantially identical to what the GDPR now provides).

The Court of Cassation points out that just because evidence has been obtained unlawfully does not necessarily mean that it must be excluded from the proceedings in a civil case, provided that the production in question is essential to the exercise of the right of evidence and that the infringement of the rights of the person is strictly proportionate to the aim pursued. In this case, the High Court considers that these conditions were met, balancing the legitimate aim of the company (ensuring the production of its assets) and the employee's right to respect for her private life (which in this case suffered a modest and circumstantial infringement).

The scope of this ruling is significant. In the sphere of labor law, the means of employee surveillance are now varied and powerful: cybersurveillance, geolocation, etc. An employer could therefore, if the conditions are met, rely on the traces thus collected to justify a dismissal even if the employee was not fully and completely informed of said surveillance in accordance with the GDPR.

But this weapon will have to be handled with caution by the employer, because just because the evidence in question can be produced to the industrial tribunal does not mean that he will escape the fines provided for by the GDPR for failure to inform the persons concerned...

To go further, see our article in EXPERTISES, MAY 2024 p.32 "Illicit evidence and private life: the confrontation"

Also read

The courts do not recognize the validity of an electronically signed employment contract

Oct 30, 2022 Isabelle Renard

The Riom Court of Appeal issued a decision on October 4, 2022 (RG No. 21/02517) which is noteworthy since this court refuses to take into account an electronically signed employment contract.

The simple electronic signature: not so simple after all

Jan 31, 2024 Isabelle Renard

The Versailles Court of Appeal, in a judgment handed down on November 28, 2023 (CA Versailles, No. 22/06599, Caisse d'Epargne et de Prévoyance IDF v. MX), refused to recognize the reality of the simple electronic signature of a personal loan contract. This is not a rejection, in itself, of the simple level of electronic signature, but rather a sanction for the numerous gaps and imprecisions in the bank's argument in this case.

Electronic signature does not constitute consent

Sep 1, 2023 Isabelle Renard

On June 8, 2023, the Orléans Court of Appeal issued an original and very well-argued ruling on electronic signatures (RG No. 22/00539), concerning a personal credit contract between Carrefour Banque and a borrower.

Let's make an appointment
to study your file

Name

Phone

Email

Message

Thank you, your message has been sent

Isabelle Renard Law Firm
2 rue des Colonels Renard
75017 - Paris

+33 (0)1 85 08 44 87

We support a sustainable economy