Sweden’s data protection authority has ruled that security giant Securitas unlawfully monitored employees through camera systems installed in company vehicles, finding that the surveillance violated privacy rules and went beyond what was necessary for business purposes.
The decision follows an investigation into how Securitas used camera technology in its vehicle fleet. Regulators concluded that the company collected and processed personal data from drivers in a manner that did not comply with Swedish and European data protection requirements.
According to the watchdog, the cameras continuously recorded drivers and captured personal information while employees were carrying out their daily duties. Investigators found that the level of monitoring created an excessive intrusion into workers’ privacy and failed to meet the proportionality standards required under the General Data Protection Regulation (GDPR).
The case centered on whether Securitas had a legitimate reason to collect such extensive footage and whether less intrusive measures could have achieved the same safety objectives.
While the company argued that the cameras were intended to improve road safety, investigate incidents, and protect employees and company assets, regulators determined that the monitoring practices exceeded what was necessary to achieve those goals.
Privacy advocates have long raised concerns about the growing use of in-cab surveillance systems in commercial vehicles. Modern fleet-management platforms can include cameras, location tracking, driver-behavior monitoring, and artificial intelligence tools capable of analyzing movements, attention levels, and other activities behind the wheel.
Supporters of such technologies argue that they help reduce accidents, improve driver training, and provide evidence in the event of disputes or insurance claims. Critics, however, warn that constant monitoring can create a workplace environment where employees feel continuously watched, raising significant privacy and data protection concerns.
The ruling adds to a broader European debate over workplace surveillance and the limits employers face when monitoring staff through connected technologies. Regulators across the EU have increasingly scrutinized the use of cameras, biometric systems, productivity-monitoring tools, and location-tracking technologies in the workplace.
Under GDPR, employers must demonstrate that data collection is necessary, proportionate, and supported by a valid legal basis. Organizations are also expected to minimize data collection and ensure that employees are adequately informed about how monitoring systems operate.
The Securitas decision serves as another reminder that workplace safety initiatives involving surveillance technologies must be carefully balanced against employee privacy rights. Companies deploying monitoring systems may face regulatory action if authorities determine that the collection of personal data is excessive or unjustified.
The watchdog has ordered corrective measures and emphasized that organizations using vehicle-based monitoring technologies must ensure that privacy considerations are built into system design from the outset.