The French data protection authority, the CNIL, has imposed a fine of €5,000 on a retailer for breaches of the French Personal Data and Privacy Law in respect of its use of CCTV to monitor employees. In July 2013, the CNIL formally notified the retailer that it must inform its employees that they were being CCTV recorded and to cease using CCTV for permanent surveillance. The retailer subsequently informed the CNIL that it had complied with the notice. However, a fresh investigation four months later revealed that the data breaches were continuing. The CNIL found the €5,000 fine justified because of the continuing breaches despite the July 2013 notice and because the measures in place for keeping the data secure were inadequate.