Earlier this year the Swedish Customs service, Tullverket, was issued a SEK 300,000 fine by the Privacy Protection Authority for GDPR violations stemming from employees’ inappropriate use of Google Photos.

As far as we can tell the employees were not doing anything malicious. In fact, they were simply trying to do their jobs and remain productive. They likely found Google Photos to be an easy way to store and share photos, and since the organization did not provide restrictions on the service, or better provide a secure managed alternative service, the employees took matters into their own hands.

This fine equates to around USD $29,000 or EURO €28,000, and more importantly opens the door for further investigations into IT policies and privacy practices of the Customs service.

The CAPTOR solution would have been an ideal way to avoid these sanctions. CAPTOR is deployed as a managed camera app, with detailed controls on what employees can do with the photos they capture at work. An organization can set up their own private photo storage servers and avoid having any of the content drifting unprotected in the cloud or found on US-based servers. Additionally, IT could impose guardrails on how the photos and other captured content can be shared, restricting to certain apps or attachments to only corporate email accounts.

If your organization is subjected to privacy laws such as GDPR, or subjected to other regulatory guidelines on how photos are managed, please request a free trial of CAPTOR and we can work together on a solution.