Blog
CNIL Fines French Company €10,000 for Refusing Employee Access to Data
Blog
July 18, 2012
The French data protection authority (CNIL) recently fined a company €10,000 due its refusal give an employee access to, and allow him to get a copy of, his personal data. According to CNIL, this constituted a violation of French privacy laws. The company was also faulted for not cooperating with CNIL in its investigations of the company for this same matter. In particular, CNIL had sent the company several letters, and had notified the company formally that the practice of permitting employees to consult their data at the headquarters, but not permitting employees to copy their data, violated the basic tenets of the French law. Formal warnings and fines like this are infrequent, since the CNIL’s main concern is to have companies comply with the law and to encourage the effective implementation of the law, rather than fine companies or seek for their condemnation before the courts.
Tip: Companies subject to French law should keep in mind that employees need to be able to copy –not just have access to- the data a company keeps on them. In the event that CNIL makes a request, a company should do its best to work with that agency in order to avoid a fine or face further court procedures.
This entry has been created for information and planning purposes. It is not intended to be, nor should it be substituted for, legal advice, which turns on specific facts.