French company fined €10,000 for failing to share GPS tracking data with employee

A man hoped to settle a court case with GPS data from a company car involved in a traffic accident, but his employer declined to share it
  • Peter Sayer (IDG News Service)
  • — 09 July, 2012 14:58

A French company must pay a ¬10,000 (US$12,281) fine for failing to provide an employee with GPS data tracking the movements of his company vehicle, the French National Commission on Computing and Liberty (CNIL) announced Monday.

The man wanted the data in order to prove that a traffic accident in which he had been involved took place while he was on business for Equipements Nord Picardie, a regional water utility.

France has strict laws governing what personal data businesses may store on a computer, and provides that anyone may request a copy of data relating to them. Typically, access requests are made by persons wishing to correct or delete personal data held about them, two other rights enshrined in French law.

However, in this case, the man hoped to use the tracking data gathered by his employer to convince a court that he had been the victim of a workplace accident.

Eleven weeks after his initial request to his former employer, he complained to the CNIL, which asked the company to turn over the data four times over the following six months. Another month passed, still with no reply. The CNIL gave the company formal notice to turn over the data within two weeks, but it refused, saying the employee could consult the data in its office.

"Through its stalling tactics, the company took the risk of depriving the plaintiff of the possibility of accessing data, the storage of which was only guaranteed for six months after its recording," the CNIL said in its ruling, published Monday.

That could have left the employee without the means to prove to his health insurance provider that the accident had been sustained on company business.

In view of the company's procrastination and its refusal to provide the copy of the data required by law, the CNIL decided to impose a ¬10,000 fine.

Peter Sayer covers open source software, European intellectual property legislation and general technology breaking news for IDG News Service. Send comments and news tips to Peter at peter_sayer@idg.com.

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Security That Fits

Improve the effectiveness of your security or get unique network threat discovery and remediation

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »