The French data protection authority’s (DPA) recent fine of 32 million euros (then-U.S. $35 million) against an Amazon warehouse manager for violating employees’ rights to privacy in the workplace once again raises questions about what constitutes an overzealous approach to employee monitoring and why companies fail to recognize the signs.

Workplace monitoring is not prohibited—it merely needs to be justified, proportionate, and have a lawful basis. But the Amazon France Logistique case highlights both the proliferation of monitoring devices and organizations’ ignorance of how they can be used properly/legally.

It also shows the appetite regulators in some jurisdictions have to prosecute such violations.