Bayerisches Landesamt für Datenschutzaufsicht – Court Ruling (Germany, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A German court ruled that a gym's use of video cameras in training areas was not lawful. The gym claimed the cameras were needed for safety and theft prevention, but the court found less intrusive options were available. This decision highlights the importance of balancing security measures with privacy rights.
What happened
A gym used video cameras in training areas without meeting the necessary conditions for lawful surveillance.
Who was affected
Gym members and visitors who were recorded by the video cameras in the training areas.
What the authority found
The court decided that the gym's video surveillance was not necessary and the Bavarian DPA could require the gym to stop using the cameras.
Why this matters
This ruling emphasizes that businesses must carefully evaluate the necessity of surveillance and consider less intrusive alternatives. It serves as a reminder that privacy rights must be respected even when security is a concern.
GDPR Articles Cited
The controller runs a gym. The defendant is the Bavarian DPA (BayLDA). The controller and the BayLDA were in dispute about the lawfulness of a video surveillance with six video cameras in the training rooms and the counter of the gym. The controller argued that the video surveillance served to prevent and solve thefts and damage to property, which had occurred several times in the past. In addition, the video surveillance served to prevent sexual harassment, as a continuous presence of the staff in all rooms could not be guaranteed. After a client of the controller requested the BayLDA to stop the video surveillance, the BayLDA issued a notice. It required the controller to refrain from observing the training areas with video cameras pursuant to Article 58(2)(f) GDPR. After that, the controller replaced the the video cameras with dummy cameras. The BayLDA argued that, while the legal basis for the video surveillance can generally be Article 6(1)(f) GDPR, the conditions were not met in the present case. In particular, the video surveillance was not not necessary as the controller could have considered less restrictive means such as increased staff and anti-theft devices. The controller argued that, due to the contractual relationship with the clients, it also had a secondary obligation to ensure their safety, in particular by preventing or solving thefts and assaults through video surveillance. In addition, the data subjects would be informed about the monitoring via signs and the general terms and conditions, thereby also consenting to the video recordings. The controller claimed that, after replacing the video cameras with dummy cameras, it could expect yearly damages in the amount of €10,000 to €15,000 since the clearance rate without the video camera was almost zero. The court held that the video surveillance was not lawful and that the BayLDA was entitled to require the controller to refrain from using video cameras in training areas pursuant to Article 58(2
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Bayerisches Landesamt für Datenschutzaufsicht in DE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Bayerisches Landesamt für Datenschutzaufsicht - Germany (2022). Retrieved from cookiefines.eu
Last updated: