Austria’s First GDPR Fine Is For Video Surveillance

Author: Charles Rollet, Published on Jan 29, 2019

Should EU businesses be concerned if police see a business' surveillance cameras filming public areas?

This is what happened with Austria’s first GDPR fine, imposed on a betting shop for filming public areas with its security cameras.

austria gdpr fine

The case racked up a total of almost $6,000 in fines, some of which were for non-GDPR violations. It has been appealed, so is not final. The case is nevertheless an important example of the heightened risk faced by end users in the GDPR era, particularly since it was the GDPR-related fine that was by far the highest.

In this note, we examine:

  • How They Got Caught
  • Alleged Violations
  • GDPR vs non-GDPR Violations
  • How The Fines Were Calculated
  • Why the GDPR Fine was the Highest
  • The frequency of Video Surveillance Fines in Austria
  • Timing & Gravity of Offense
  • Broader Meaning

****** ** ********** ** ********* ** ****** *** * ********' surveillance ******* ******* ****** *****?

**** ** **** ******** **** *******’* ***** **** ****, ******* on * ******* **** *** ******* ****** ***** **** *** security *******.

austria gdpr fine

*** **** ****** ** * ***** ** ****** $*,*** ** fines, **** ** ***** **** *** ***-**** **********. ** *** been ********, ** ** *** *****. *** **** ** ************ an ********* ******* ** *** ********** **** ***** ** *** users ** *** **** ***, ************ ***** ** *** *** GDPR-related **** **** *** ** *** *** *******.

** **** ****, ** *******:

  • *** **** *** ******
  • ******* **********
  • **** ** ***-**** **********
  • *** *** ***** **** **********
  • *** *** **** **** *** *** *******
  • *** ********* ** ***** ************ ***** ** *******
  • ****** & ******* ** *******
  • ******* *******

[***************]

*** *** **** *** ******

********* ** ********** **** *******,***** ****** ******** ******* *** ************ ******* ******* ****** ***** above *** ******** ** * ******* **** ** *** ****** of******** ***** **, ****. (******* ***** *** ****** ** ***** of ****** *** ******* ******* ** * ***** *****/*** ***** patrons *** *** **** ******** ** ***** ****.)

* **** *** ****** ***** *** *********** ** *** ******** data ********** ******,*** ***, ***** *** **, ****, *** **** *** **** *** enacted. **** ** ******* ***** ** *** ****, ******* ***** surveillance ***** **** ******* ** ***** ***********, *** *** ***, the ****** **** ****.

List ** **********

*** *** ****** **** *** ******* **** ********* **** ******** privacy **********:

  1. *** ******** ******* ******* ** *** ****’* ******** ********* * public ******* *** *** ******* *****, ********* ****** ******* ** and ********’ ******* ******.
  2. *** ******* **** *** ********** **** ***********.
  3. ***** ************ ******* *** **** *** ** ********** **** ****** with ** ************* ********. (******** ******* *** ******** ***** ************* for *** ***** ************ ******* ******* ****** **** ** *****.)
  4. ***** *** ** ****** **** ********** **** ***** ************ *** being ****.

*** ******* **** *** ******* ** *** *** **** *** name **********, ******** *** ******* *** ******* ** *** **** of * *****.

GDPR ** ***-**** **********

*** ***** ********* – ******* ****** ***** – *** *** only ****** ****** ** ********* *** ****, **** *** *** highlighting *** ******** ******** ** *** ***:

  • ******* *, ***** ****** **** *** ********** ** ******** **** ** ******* ** **** ** ********* ** ******** ** *** ******** for ***** **** *** *********”. *** *** ***** **** *** betting ****’* ********** *********** *** *** *******’ ******** ******* ** *********** *** entrance.
  • ******* *, ***** **** *** *** ********** *** ****** **********, **** as “*******” *** “********** ********”. *** *** ***** **** *** betting ****’* ******* ********* **** ** ***** **********.

*** ***** ***** ******* **** *** ********** *********’* ******** ******* ***, ***** *** ****** ** ****.

*** ****** ****** *** **** ** ***-**** ***** ** **** “the ******** ** *** ******* ******* ******** ****** ** *** 2018” *.*. *** **** *** **** *** *******. ********* ********** 2, *, *** * **** ******* ***** ******** ******* *********** while *** ***** *** ******* ***** *** ****.

How *** ***** **** **********

*** *** **** *********, *** **** *** ***** *,*** ***** ($2,717). *** ***** *****, ***-**** ********** ******** ***** ** *** euros **** ($***), ** **** *** ** ******** ******** ******* law.*** ***** ** ***** *** **** *,*** ***** ($*,***). * 10% ***** *** *** *****, ******** *** ***** ** *,*** euros ** $*,***.

(**********: “**** ** *****”, “******* ** **** ***** *** *** collected”, “************ ******”, “[*****] *********”)

GDPR ****** ****** *****

*** **** **** *** **** ********* *** ***** *** *,*** euros ***** *** ***-**** ***** **** **** *** ***** ** not * ***********.

*** ***'* ****** **** ******* ******* ********* ** **** (******** added):

********* ********, *** **** ****** ****** ****** **(*) *** (*)significantly ****** **** concerning the determination of the total amount of an imposed fine in relation to prior legal provisions in force before the GDPR.

************, *********** ************* ************************* ***** **** ** ************ ** *** **** ** *** offender; * ***** ******* **** ***** *** ** ******* **** the ******* **** ****, ***** *** ***** ** ******* ***** or *% ** ****** ****** *******.

*** **** ** ** *************. *** *******, * ****** **** a ******** *** *** ** ****** ****** ** **,*** ***** [$45,300] **** * **-*******-**** **** [$** *******].

Frequency ** ***** ************ ***** ** *******

**** ** *** *** ***** **** ******* ***** ************ ** fined ** *******. ******** ** *** *** ******* **********, ******* told **** **** ***** *** * "****** **********", ****** *** after *** ****:

*** ******** ** *** ****** ***** ******* *** ******** ******* use ** ****.

Timing/Gravity ** *******

*** ****** ************* ** *** ******* **** ***** ** ***** 2018 *** *** ***** **** ********* ** ********* ****. *** shop *** ******** *** **** *** *** *** ** *******’* federal *****, ***** *** *** ** **** ** **, *** DSB ********* ** ****.

*** *** **** ********* **** **** ** *******’* ***** **** fine. *** ******-**** ***** ** **** ***** ***** **** *** fact **** **** ********** *** ***** ******* * ******* ** cases ***** ***** **** ****** *** ****’* *********.

*** *** ****** *** ****’* ******* ** ** “*********” ****** “mitigating” ** “***********”. **** ** ******* *** ******* **** ****’* have *** ******** ****** ** **********, ******* *** ******* *** months-long ***** ************.

**********

**** **** ******** * ************ ************ ******* ** *** ***** can ** ****** ****** ** *** ****.* $*,*** **** *** * ****** ***** **** *** ** quite * *********** ******, *** ** ** ****** **** *** total **** ***** **** **** ****** *** *** *** ********** taken ***** ***** *** ****’* ********* ** *** **.

**** ** ********* *** *****, ***********, *** *** ****** ********** video ************ **** ****** ****** **** ** ****.

Comments (28)

Donald Erickson

01/29/19 11:55am

**** *****.

Avatar

Sean Nelson

Nelly Security | 01/29/19 10:32am

* **** *** "******* ****** *****"???

"*** ******* **** *** ********** **** ***********"

*** ****!

Avatar

Charles Rollet

In reply to Sean Nelson | 01/29/19 10:22pm

***** ** *** **, ******* ** ******* **** **** *** a **** **** ********* ***** ************ **** **** *********** (*** this ******** *** ****.) *** ******* ** ****** *** ******************** ************** **** ********** ******** ******* **** **** ****** *****, "**** if **** **** ** ****** *** ******** ** ***** ******* parked ** ***** ** ***** ****.”

Undisclosed Integrator #1

01/29/19 05:07pm

"***** *****" ** *** ****....

Undisclosed #5

In reply to Undisclosed Integrator #1 | 01/30/19 11:15pm

************** *********, *** ***** *** ****** ** ***** ******* “*******” tracking ******** ** ****** ***** ******. *** ** ***** *** of ****...

Undisclosed #2

01/29/19 12:12pm

*** ****** ****** *** **** ** ***-**** ***** ** **** “the ******** ** *** ******* ******* ******** ****** ** *** 2018” *.*. *** **** *** **** *** *******. ********* ********** 2, *, *** * **** ******* ***** ******** ******* *********** while *** ***** *** ******* ***** *** ****.

**** ******* **** *** *** *************************** ** **** **** **** *** **** **** ** $*,*** would **** **** ******; *** **********, *** *********************** ** ****, **** **** *** * $*** ***** ***** have **** *******.

** **** ** **, *** ** *** *** ****

** *** *** ****-******* **** **** *** ** *** *** highest.

**** ** **** ****** ** **** ** $****, **** **** the ***-**** ****** **** ***** *****, *** **** *** *** same *******?

Avatar

Charles Rollet

In reply to Undisclosed #2 | 01/30/19 03:14am

****, *** ** *******. **** *'* ****** ** **** *** all *** ******* ********** ***** ***** ***** *** **, *** 4 ********** ***** **** **** *********** ** **** **********, ****** than **** *. ***** *** **** ***** *********** ************* **** leeway ** ******** *****, **** ** *** ********** ***** **** been *****, *** *******, *,*** ***** - ** ****'* *,*** x * = *,*** ***** ***** ** *****, ** ****** $11,000.

**** *** ***-**** ********** **** *** "****** **** ***** *****"; each *** *** * ********** ********* ** ******* ***********.

* **** **** ** ***** ** ************** **** ***** *** GDPR ********** *** ********* ****** **** *** ****** **** ** the ******** **** ********** ****** ******** *******. ** ********* **** to **, ******* ** **** (******** *****):

"********* ********, *** **** ****** ****** *** *** ** (*) and (*)significantly ****** **** concerning the determination of the total amount of an imposed fine in relation to prior legal provisions in force before the GDPR. In addition, in this particular case, the Austrian DPA had to take transitional provisions into account, which ******* *** ***** ***** ***** ** *** ******** ***** ********* prior to the GDPR in which the infringing action started before the 25th of Mai 2018."

Undisclosed #2

In reply to Charles Rollet | 01/29/19 11:35pm

**** *'* ****** ** **** *** *** *** ******* ********** taken ***** ***** *** **, *** * ********** ***** **** been *********** ** **** **********, ****** **** **** *.

** *** *** ****** ************ **, *** **** ******* ******* *** *** ******* ** private *****?

*** **** *********, ***************** **, **** *** ********** *** *******, *** ***** **, remedied *** ********* ****** ***?

**** ****** ******** ** **, *** **’* ********.

** *** ***** ****, ** *** ** *** * ******** occurred ** **** ************* * *** ******* ***** **** ********, ** ***** **** a *** ********* ** ****** **** ************ *** **************, **** because **** **** ********* **** * ****** ** ******* **** period.

**** **** **** ***** :)

* *** *** ** ***** ******, *** *** **** *** gave ******** *** ******* “*** ***** ***** ***** ********”...

Avatar

Charles Rollet

In reply to Undisclosed #2 | 01/30/19 01:44am

** *** *** ****** ************ **, *** **** ******* ******* *** *** ******* ** private *****?

*** **** *********, ***************** **, **** *** ********** *** *******, *** ***** **, remedied *** ********* ****** ***?

*** **** ***** **** "**** ** *** ******* ********** ******** before *** **." ** ********** *, *, *** * **** found ** *********** ****** *** ****, *** ********* * *** only ********* **********. ******* ********** *-* **** ******* ***** ************ prior ** ****, *** **** ***'* ** ********** *** *** same ******* ****-****. ***** ** ** ******* ** *** **** registering *******, ******* ** *****, ***.

* *** *** ** ***** ******, *** *** **** *** gave ******** *** ******* “*** ***** ***** ***** ********”...

** ***, * ***** *** **** ** *** *******. *** can ********* ****.

Undisclosed End User #3

01/29/19 05:33pm

* **** * *** ****** **** ****** *** **** **** drive ** ** *******, ** ****** ***'* **** ** **** drive ******* ***. *** **** ***** *** ***** **** **** teenagers ******* ** *** ** *** ****.

Avatar

Jonathan de Chateau

In reply to Undisclosed End User #3 | 01/30/19 04:54am

*** ** *** ****** *** ****** ******* *****? ****, *** you ****** *** **** *** *** ********* ** **** ******** firmware ************* ** ***** ** ******** ** *** ******?

* ***** *** ********** * ****** ******* ** ****** ******** and ******* ***** * *****.

John Honovich

IPVM | In reply to Jonathan de Chateau | 01/30/19 05:00am

***** ** ******** ** *** ******?

** *** ******... :)

Avatar

Jonathan de Chateau

In reply to John Honovich | 01/30/19 06:28am

**** *** ***** ** *** ****** ** ****** :)

* ****** ***'* ********** *** ******** ********* ** ****. **** non-EU ******* **** ** **** ** ******* **** **** * hassle.

** ** * *** *** ***** *********

- **** ************* ** ****
- **** ***** *** *************

********** *** ****** ****** ****** ** *********. **** ***** * better ***** *** *** ******** *** ****** *** * ****** level ** ********* *** ************.
********** **** ****** **** * ****** ******* *** ****** ******.

Undisclosed End User #3

In reply to Jonathan de Chateau | 01/30/19 07:14am

******* ****, ****** ******* ******, *** **** **** *** *********** answer, (**** ** *** *** **).

* **** * ****** ****'* ***** ** ** ******** ** LPC, * *** *** **** ** **** ******* **, *** no ****** **** **** **** **** ** ********. ** *****'* see *** ** ***** *****, *********, ** ***** *****. **'* a "***** ************" ** ** * ******* *** ***** ** grab ****** ******* ** **** ******'* ****.

* ****** **** *** ** ** ********* *** * *** mounted **' *** *** ****** ** *** **** ** ***** house, ****** **** ** ***'* ** * **** ***** **** play. ******* **** ******* ** ** ************ *** * ***** wifi ****** *** **** ** ******* **** **** ******* ** post ******** ** * ***** **** ******* ******* ******* ***** backyard **** ***** ******** ****. *** *** *******'* ** **** there, *** ******* ** ** *** ***** ******* ******** ***** (over ** ******* ** ***) *** ****** ** *** **** in ******* *** ****.

Avatar

Jonathan de Chateau

In reply to Undisclosed End User #3 | 01/30/19 07:35am

* **** * *** ****** **** ****** *** **** **** drive ** ** *******, ** ****** ***'* **** ** **** drive ******* ***.

* ****** **** **** ******* ** *** ********* *** ***, there *** ** ********* ** **** ******** ******** ***** ********.

** **'* **** ******** *** *** ****** *** ******, **** goes *** *** *** *******. ** ******** *****.

**'* *** ****** ** *** ****** * ****** ** ***** filmed, ** ****** ***** ** ******* ******* ** ** **** private ********. **** *** ***** ******** ******* ******** *** ***'* have *** *** ** ***** ****** *******. *********** **** *** need ** ** ***** ******... * ***'* ***** ***** **** that ****

Undisclosed End User #3

In reply to Jonathan de Chateau | 01/30/19 08:22am

** ******* **** ** *** ******, * ******* **** **** just ******* ** ** ** *** ******** **** ******* *** of *** *********, ** ******* **** *** **** ** ***** that *** ** *** ***** * ********* ** *** ***** they **** ** ** ****'* ***** ******.

** *** ** *****, ** *** ****** ****** ** * public ****, * *** *** **** ** ***** ***, *** only *** ***** ** *** **** **** **** **** ** driveway, **** ** **'* **** ** **** ******. ****** * PTZ *** * ****** ***** **** *** **** **** ****** a ******* ***'* *** **** ** * ***** ****** **** sees * ******** ****.

*** ** *** ****** *** **** ** *****/******** ** ****** in ***** ******** ** ********, ** ** ******** ** * felt *** **** ** ***** ****** ****** ** ***** ** running **** ****** ** *** ***. *'* *** **** ** the **, *** ** *** ******, **** ** ******** ** be **** *******, *** ********* ****** ** ********.

Undisclosed #5

In reply to Undisclosed End User #3 | 01/30/19 05:42pm

******** *** ******** ** *** *** *** ******** ********* ******.

Michael Votaw

In reply to Jonathan de Chateau | 02/14/19 08:32am

******, ***** *** ********* ******* **** ********** ***** **.

Undisclosed Integrator #4

01/29/19 01:46pm

**** *** ******** ****** ************, ** **** ****** **** * way *** *** **** ** **** ********* *** ****** ** all ******* **** * **** ** *** ****** ******* ****** to ***/******* **********. ** ***** ** ******* ******** ***** ** in *** ******* **** *** **** ** ******* ** ****.

****, * ***** ***** * **** ** *********** ** *** cameras *** ** ***** ****. **** ** *********** ** *** want

Avatar

Charles Rollet

In reply to Undisclosed Integrator #4 | 01/29/19 10:18pm

**** **** ** ************** ** * ********* *****, *******, *****'* no ********* ******** ** *** **** ** ******** ** ******* laws **** ***** ******** ***** ************ *** *** ******** ** long ** *** ******* *** ** ***** ****. (*** *** see ***: * *********** *** ***** ***** ******* *** ****** visible **** **** ******** ***'* **** ****** ** **** ** and ****** ****).

Carl Kristoffersen

In reply to Charles Rollet | 02/03/19 09:59am

*** * **** ** *** ***** *** **** ***'* **** see **.

**** ** *****, "***'** ** ******".

Avatar

Jonathan de Chateau

In reply to Undisclosed Integrator #4 | 01/30/19 04:49am

* *** ********** *** **** **** ***, *** **** ******* when **** *** ** ******** ********* ******** ******* ** *** house, ******* ** *** **** *** **** ******* ** **** garden *** ******* ****?

**** ** * ******, *** * **** ***** *** *** end ****

Undisclosed #2

In reply to Jonathan de Chateau | 01/31/19 10:18am

...*** **** ******* **** **** *** ** ******** ********* ******** cameras ** *** *****, ******* ** *** **** *** **** looking ** **** ****** *** ******* ****?

****?

Undisclosed #5

01/30/19 06:39pm

* ******* ****** *********** ** **** ***** ***** **** *****, and * ******** *** ********* ********* ** ***** ***** *** laws ** *** *****. *** ************ ** ********** ************ ** everyday **** ** ********* ** * ********** **** *******.

Avatar

Alf Katz

01/30/19 04:49pm

*'* ****** **** **** ** ***'* **** **** **** ** Australia, ***** ******* ******* ** ***** **** ****** ** **** the ******** ** ***** ** *** ***** **** **** ******* responsible *** *** ************ ** * ******/*********, *** ******* * number ** ***** ******. *** ****** ********* **** ** ******* CCTV *****.

** ** **** **** ***** ****** **** ****** ********** ******.

John Honovich

IPVM | In reply to Alf Katz | 01/30/19 06:06pm

***, **** *****. * ******* ******** ****** ** *** ** with ******* ** ***** ******* ******* ** **** ***** ****** cases. ******, ** *** **, * ****** ** ***** ****** departments ***** ********* ** ******* ******* ** **** ***** ******. It ** ** ** *********** ******** ******* *******, ********, *** cost (*.*., ***** ******* ******* *** **** **** ********* **** building *** ********** ****** *******).

Undisclosed End User #6

01/31/19 09:26pm

*********** *******, ****** **** **** ****** ** *** ***** ***** GDPR ********** *** *****. **** *** ********* ** **** **** privacy **** *** ***** ** *** ****** ****** *** ***** countries.

*********:

****** ********* * ******* ******* ***

****** ******* *** *** ** *******

Michael Votaw

02/14/19 07:33am

******* ********* ******* ** *** ********** ******* **** *** *********. Do **** ****** ***** **** *** ****** ***** *** ****** are ***** ** ****** **** ***** *** ***********. *'* *** for **** *********, ******** ******* *** *********** ** ******** ****, but ****** **** ** ** ********* ***** **** ***** ***** and ***** *** **** *** *** **** **** ****** ****.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Casino Surveillance Pro Interview: James Lathrop on Feb 15, 2019
James Lathrop has been working in casinos for almost 25 years. During that time, he says he has held "just about every job you can do in the...
Mobile Surveillance Trailers Guide on Jan 17, 2019
Putting cameras in a place for temporary surveillance where power and communications are not readily available can be complicated and expensive....
UK Fines Security Firms For Illegal Direct Marketing on Jan 16, 2019
Two UK security firms have paid over $200,000 in fines for illegally making hundreds of thousands of calls to people registered on a government...
The False SCMP Story on Hikvision NYC AI on Jan 14, 2019
In the past week, one of Asia's largest publications, the South China Morning Post (SCMP), posted an article about "Chinese [facial recognition]...
UK: Private Video Surveillance Complaints Down Since GDPR on Jan 09, 2019
The arrival of the GDPR on May 25, 2018, brought fears the law would spark a massive increase in privacy complaints about security camera use....
IPVM Best New Products 2019 Opened - 70+ Entrants on Jan 07, 2019
The inaugural IPVM Best New Product Awards has been opened - the industry's first and only program where the awards are not pay-to-play and the...
ASCMA / Moni Problems Deepen, Lenders Terminate Support Agreement on Dec 28, 2018
Ascent Capital Group, aka ASCMA, currently branded Brinks Home Security, formerly known as Moni and Monitronics faces a troubling end to a rocky...
Startup Sunflower Labs' Autonomous Drone Security System on Dec 11, 2018
Startup Sunflower Labs is claiming a unique design on a home security system, combining autonomous drones and 'Sunflower' sensors. Imagine an...
Infinova's Xinjiang Business Examined on Dec 07, 2018
As pressure mounts for companies to stop doing business in China’s Xinjiang region amid a severe human rights crisis, IPVM has found Infinova sold...

Most Recent Industry Reports

Exacq Raises VMS Software Pricing Twice in Less Than a Year on Feb 18, 2019
Most VMSes regularly release new features, but rarely increase their prices. For the 3rd time in 4 years, and 2nd time in 8 months, since being...
Axis IR Multi Imager Camera Tested (P3717-PLE) on Feb 18, 2019
Axis has released their first IR multi imager, the P3717-PLE, a repositionable model listing 360° IR illumination and flexible positioning,...
Ubiquiti Favorability Results 2019 on Feb 18, 2019
Ubiquiti has quietly grown into a $1+ billion annual revenue company, with offerings across wireless, wireline network and video surveillance (see...
Casino Surveillance Pro Interview: James Lathrop on Feb 15, 2019
James Lathrop has been working in casinos for almost 25 years. During that time, he says he has held "just about every job you can do in the...
Hikvision 2018 Revenue Tops $7 Billion USD But Growth Slows To Low on Feb 15, 2019
Hikvision's annual revenue topped $7 billion for the first time in 2018, although growth slowed sharply. In this post, we analyze the latest...
Hanwha Smaller Multi Imager Tested (PNM-9000VQ) on Feb 14, 2019
Hanwha's first repositionable multi imager PNM-9081VQ tested well, but was huge, over 12" wide and weighing in at over 10 pounds. Now, they have...
ADT And 'The Defenders' Silent About Massive Complaints on Feb 14, 2019
ADT's largest dealer, "The Defenders" has been the subject of a massive number of complaints over many years and many forums, most recently a CBS...
Hikvision Chairman Praises United Front on Feb 14, 2019
Hikvision’s controlling shareholder held a meeting last month praising the United Front, a Communist Party organization known for its secretive...
Sales Turnover At Anyvision on Feb 13, 2019
Anyvision raised a $43 million Series A and according to their newest investor: what you need to do is push the gas pedal and build an...
Cisco Meraki Cloud VMS/Cameras Tested on Feb 13, 2019
Cisco Meraki says their cameras "bring Meraki magic to the enterprise video security world". According to Meraki, their magic is their management...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact