The BBC has just reported on the data protection furore facing Deutsche Bahn, Germany’s national rail service, following allegations that the company has been systematically spying on its own staff. Covert surveillance operations with exotic code names like “Babylon”, “Traviata” or “Prometheus” date back as far as 1998.
Berlin’s data protection commissioner and prosecutors are currently conducting an investigation into the affair over any breaches of data protection, which the company denies. Monika Birnbaum, an employment lawyer with Schwarz Kelwing Wicke Westpfahl, is quoted as saying:
“Screening the private data of employees and comparing this with the data of supplier companies is in accordance with German data protection law only if the employees themselves and the workers’ council agree with this beforehand. As far as we know, these criteria were not fulfilled, so the screening was contrary to labour law and data protection law”.
The company maintains that the screening was both lawful and justified, it is prepared to concede that
“the question does arise as to whether German data protection law was properly recognised especially because no information was forwarded to the supervisory board and to employee representatives”.