The German rail company is being accused of spying on almost all of its 227.000 employees for almost a decade. Part of a campaign to root out internal corruption -a very positive cause indeed-, the spying operation consisted on comparing “master data” (i.e. personal details) of over 170.000 employees, with information of around 80.000 external suppliers. This would show irregularities that might imply internal corruption. These investigations and comparisons have been going on at least three times (on 2002, 2003 and 2005).

It is now under investigation whether privacy laws have been broken or not. But even if Deutsche Bahn’s actions were legal, privacy is an extremely sensible matter in Germany because of its Nazi and Communist past. Surprisingly enough, this is not the first of such spying cases, with Deutsche Telekom in 2008 and Lidl grocery stores in 2007.

Under investigation as well is how aware of these proceeding were its top managers (including Deutsche Bahn’s CEO, Hartmut Mehdorn).

Once again, we are witnessing privacy and employee surveillance issues arise. Any organization is in its own right to safeguard its name, intellectual property, and even its trade and business secrets. But doing so correctly and stepping on their employees privacy are two different matters. Proper systems should be put in place in order to audit each and every action done within an organization, even by the most privileged users. This kind of systems (like the Kinamik Secure Audit Vault), would act as deterrent for any misuse that may occur, and accountability and full responsibility would be in place. It would protect both the organization and its employees: the organization would be protected since employees would think twice before doing any unappropriate or ilegal action knowing that each and every action is being recorded and archived. And employees would be protected since these audited actions would include also the actions allegedly done by Deutsche Bahn; any empoyee representative (e.g. union leader) could then run integrity reports and analysis on the audit trails for checking improper actions, and be sure that these reports can be unquestionably trusted.