Swedish furnishing conglomerate IKEA has been fined €1m ($1.2m) for illegally spying on its employees in France and storing their data.
The fine was ordered by a French court on Tuesday after a criminal probe launched in 2012 found that IKEA France had created an elaborate "spying system" to snoop on staff and on customers who had opened disputes.
IKEA, which has 29 stores in France, was found guilty of "receiving personal data by fraudulent means."
Prosecutors said IKEA France tapped police sources, engaged a private security company, and hired private detectives to illegally acquire confidential information on its workers and prospective employees.
Data obtained by the company included membership of labor unions or works councils. Investigators were also asked to find out how an employee could afford a new BMW.
In 2012, satirical weekly newspaper Le Canard enchaine published email exchanges between IKEA and private investigators that showed that spying on staff had been de rigueur at the French subsidiary for years.
Prosecutors said that the espionage infrastructure established by the French subsidiary operated for at least a three-year period from 2009 to 2012. After accusing the company of "mass surveillance," prosecutors sought a fine of €2m ($2.4m) against the company.
IKEA admitted to basic rights violations back in 2012, and released a statement declaring that "IKEA fully condemns the practices brought to light."
Although the trial was centered on spying that occurred from 2009 to 2012, prosecutors say the snooping system was set up almost a decade earlier under a former head of IKEA France, Jean-Louis Baillot.
Baillot, who headed the company from 1996 to 2002, denies any wrongdoing and has declared himself "shocked" to be convicted for his role in the scandal. A French court handed Baillot a two-year suspended prison sentence and fined him €50,000 ($60,630) for storing personal data.
Jean-Francois Paris, IKEA's former head of risk management and a central figure in the scandal, admitted to sending lists bearing the names of people "to be tested" to the security firm Eirpace. The testing was so prevalent that it generated annual bills of up to €600,000.
Paris was given a suspended 18-month prison term and fined €10,000.