Austria’s First GDPR Fine Is For Video Surveillance

*** *** **** *** Caught

********* ** ********** **** *******, ***** ****** ******** ******* two ************ ******* ******* public ***** ***** *** entrance ** * ******* shop ** *** ****** of****** ** ***** **, ****. (Betting ***** *** ****** in ***** ** ****** and ******* ******* ** a ***** *****/*** ***** patrons *** *** **** machines ** ***** ****.)

* **** *** ****** which *** *********** ** the ******** **** ********** agency,*** ***, ***** *** **, 2018, *** **** *** GDPR *** *******. **** is ******* ***** ** the ****, ******* ***** surveillance ***** **** ******* by ***** ***********, *** the ***, *** ****** told ****.

List ** **********

*** *** ****** **** the ******* **** ********* four ******** ******* **********:

1. *** ******** ******* ******* at *** ****’* ******** monitored * ****** ******* lot *** ******* *****, recording ****** ******* ** and ********’ ******* ******.
2. *** ******* **** *** registered **** ***********.
3. ***** ************ ******* *** kept *** ** ********** time ****** **** ** justification ********. (******** ******* law ******** ***** ************* for *** ***** ************ storage ******* ****** **** 72 *****.)
4. ***** *** ** ****** sign ********** **** ***** surveillance *** ***** ****.

*** ******* **** *** unnamed ** *** *** does *** **** **********, although *** ******* *** mention ** *** **** of * *****. 

GDPR ** ***-**** **********

*** ***** ********* – filming ****** ***** – was *** **** ****** listed ** ********* *** GDPR, **** *** *** highlighting *** ******** ******** of *** ***:

• ******* *, ***** ****** **** the ********** ** ******** data ** “******* ** **** ** necessary ** ******** ** the ******** *** ***** they *** *********”. *** DSB ***** **** *** betting ****’* ********** *********** *** *** cameras’ ******** ******* ** surveilling *** ********.
• ******* *, ***** **** *** the ********** *** ****** processing, **** ** “*******” and “********** ********”. *** DSB ***** **** *** betting ****’* ******* ********* none ** ***** **********.

*** ***** ***** ******* were *** ********** *********’* ******** ******* ***, ***** *** ****** in ****.

*** ****** ****** *** GDPR ** ***-**** ***** is **** “*** ******** of *** ******* ******* occurred ****** ** *** 2018” *.*. *** **** the **** *** *******. Therefore ********** *, *, and * **** ******* under ******** ******* *********** while *** ***** *** charged ***** *** ****.

How *** ***** **** **********

*** *** **** *********, the **** *** ***** 2,400 ***** ($*,***). *** other *****, ***-**** ********** received ***** ** *** euros **** ($***), ** laid *** ** ******** Austrian ******* ***. *** ***** ** ***** was **** *,*** ***** ($5,435). * **% ***** fee *** *****, ******** the ***** ** *,*** euros ** $*,***.

(**********: “**** ** *****”, “Penalty ** **** ***** are *** *********”, “************ period”, “[*****] *********”)

GDPR ****** ****** *****

*** **** **** *** GDPR ********* *** ***** was *,*** ***** ***** the ***-**** ***** **** only *** ***** ** not * ***********.

*** ***'* ****** **** Matthis ******* ********* ** IPVM (******** *****):

********* ********, *** **** allows ****** ****** **(*) *** (*)significantly ****** **** concerning the determination of the total amount of an imposed fine in relation to prior legal provisions in force before the GDPR.

************, ******* **** ************* ********************* **** ***** **** ** proportional ** *** **** of *** ********; * small ******* **** ***** not ** ******* **** the ******* **** ****, which *** ***** ** million ***** ** *% of ****** ****** *******.

*** **** ** ** proportionate. *** *******, * cannot **** * ******** who *** ** ****** income ** **,*** ***** [$45,300] **** * **-*******-**** fine [$** *******].

Frequency ** ***** ************ ***** ** *******

**** ** *** *** first **** ******* ***** surveillance ** ***** ** Austria. ******** ** *** not ******* **********, ******* told **** **** ***** are * "****** **********", before *** ***** *** GDPR:

*** ******** ** *** fining ***** ******* *** presumed ******* *** ** CCTV.

Timing/Gravity ** *******

*** ****** ************* ** the ******* **** ***** in ***** **** *** the ***** **** ********* in ********* ****. *** shop *** ******** *** case *** *** *** to *******’* ******* *****, which *** *** ** rule ** **, *** DSB ********* ** ****.

*** *** **** ********* that **** ** *******’* first **** ****. *** months-long ***** ** **** fines ***** **** *** fact **** **** ********** are ***** ******* * backlog ** ***** ***** began **** ****** *** GDPR’s *********.

*** *** ****** *** shop’s ******* ** ** “negligent” ****** “**********” ** “aggravating”. **** ** ******* the ******* **** ****’* have *** ******** ****** of **********, ******* *** illegal *** ******-**** ***** surveillance.

**********

**** **** ******** * particularly ************ ******* ** how ***** *** ** higher ****** ** *** GDPR. * $*,*** **** *** a ****** ***** **** can ** ***** * significant ******, *** ** is ****** **** *** total **** ***** **** been ****** *** *** the ********** ***** ***** after *** ****’* ********* on *** **. 

**** ** ********* *** users, ***********, *** *** others ********** ***** ************ data ****** ****** **** in ****.