Skip to content

Illustration by Security Management

Company, Former Executives Pay the Price for Investigative Overreaches

Ikea France was ordered yesterday to pay a €1 million fine for spying on its employees. In addition, the former chief executive of Ikea France was found guilty, given a suspended two-year prison sentence, and ordered to pay a €50,000 fine.

The incident is unrelated to GDPR—in fact, the activity significantly predates the privacy law. In 2012, French news organization Le Canard Enchaîné published emails between Ikea France executives and a private security firm appeared to show the company spying on its employees, union organizers, job applicants, and customers. The security firm apparently could access databases of the French national police to obtain information the individuals.

According to a New York Times article summarizing the case when the trial start earlier this spring:

The alleged snooping was used to investigate employees and union organizers, check up on workers on medical leave, and size up customers seeking refunds for botched orders. A former military operative was hired to execute some of the more clandestine operations.

As an example, in 2013, the Times published an account of one Ikea France executive who was fired as a result of the clandestine operations. The executive, Virginie Paulin, a former deputy director of communications and merchandising at Ikea France, took a year’s medical absence to recover from hepatitis C—an absence which was allowed and cleared under French labor law and her local Social Security office.

When the company learned she had taken a trip to Morocco, Ikea France's hired investigators posed as an airline worker and enticed Paulin to furnish copies of her passport stamps in a free-ticket-offer ruse to gather evidence of the trip. However, Paulin had received permission from the Social Security office to stay at a villa she owned in Morocco. Paulin was eventually fired.

The tactics were also used to thwart the actions of unions, including the use of spies posing as cashiers who gained access to union activities. An attorney for the unions said, “Their plan was to infiltrate the unions and explode them from the inside.”

Ikea France’s defense insisted that the actions were not part of a corporate plot, but rather the work of the company’s head of risk management, Jean-François Paris, who was acting on his own initiative. However, Paris testified at trial, saying: “This was not a personal step, but a system put in place at the request of the management of Ikea.”

Despite the defense, Ikea France quickly implemented a number of safeguards—including firing the executives involved—as a result of the scandal soon after it was discovered. In a statement after the court announcement, the company said, “IKEA Retail France has strongly condemned the practices, apologized and implemented a major action plan to prevent this from happening again.”

A report from the Society of Human Resource Management (SHRM) examines the legal landscape of surveilling and monitoring employees in the United States. (Note: The article was written in 2019. It is still accurate; however, it predates the passage of Virginia’s privacy laws.) In addition, earlier this year the Brookings Institution looked into the issue of workplace surveillance practices.