Unbeknown to the outside world, for nearly 20 years the privately-owned French radio station Europe 1 kept files on listeners who called its switchboard, sometimes recording details relating to their origin, their health or their presumed sexuality. France's data watchdog the Commission Nationale de l'Informatique et des Libertés (CNIL) discovered the scale of the scandal in 2017 but chose not to make it public. However, Mediapart has seen a copy of the confidential report on the issue.
The investigation by CNIL started on July 7th 2016 when its staff visited the offices of Europe 1 in |Marseille, in southern France where the radio station had temporarily relocated for a major match in the Euro 2016 football tournament between hosts France and Germany.
What attracted the attention of CNIL's inspectors was the radio station's switchboard area. This was where the station's phone operators sifted through the emails and the telephone calls from listeners who dialled the number 3921 to call the station. How were the messages sorted? It was done by “rating” the calls, in others words evaluating the conversation with the caller on a scale ranging from “excellent” to “bad”. It is what is called “listener casting”.
Enlargement : Illustration 1
“It's about knowing if the listener's comments are in line with the programme's subject matter,” says one of the operators at the station contacted by Mediapart. “And to be sure there is no aggressivity before going onto the station, for example, and to know if someone expresses themselves in a comprehensible way, if the telephone line is good.”
Armed with this information the staff produce files – one a minute in peak periods – that are recorded in software used internally and which is called 'Chamane'. At that time 'Chamane' was also used by the station's presenters to disconnect a listener if they got out of control. “On our touchscreen there were ten boxes, and by clicking on one box you put the listener on air. By clicking again you took them off,” says a former morning presenter on Europe 1.
This tool attracted the attention of CNIL inspectors during their inspection. For the file did not just contain normal information such as the caller's surname, first name, profession, telephone number or the quality of their diction, it also had details summarised under a box called “comments” which allowed operators to “convey their personal assessment”.
In its report, seen by Mediapart, CNIL points to comments made about some of the callers' health: “Patrice HIV positive”, “No longer alcoholic my arse!”, “off sick from work, cancer treatment”. Or about their presumed ethnic origins or sexual orientation: “Tunisian Jewish accent, insistent and disagreeable”, “Maghreb [editor's note, North African] accent, not always clear, talkative, needs to speak about their cancer”, “he's queer” and “he's a former straight who has become queer”.
More generally the CNIL report notes that “more than 483 files contain comments relating to the listeners' [personal] qualities, such as for example “major dickhead”, “FASCIST!!!”, “the voice of an old faggot!”, “racist and not very nice, compares the Arabs and the Chinese very wittily”, “This SB [son of a bitch] never replies”, “stupid bastard who has already well pissed us off”. CNIL modestly describe these comments as “inappropriate” and “insulting”.
As CNIL points out, it is of course not unlawful to collect information on listeners to the extent that “they have come to speak on the station and the station is looking to determine which interventions would be likely to add value to the content of the programmes”. But this does not mean that the descriptions are appropriate, the watchdog says. This type of “excessive” file is “contrary to the provisions of the [data legislation] of January 6th 1978”, it says.
The law formally bans the gathering without consent of data of a personal nature relating to health or sexual orientation, or relating to racial or ethnic origins and religious persuasion. Breaches of this law risk a fine of up to 1.5 million euros.
Beyond the seriousness of the comments in the files, the author of the CNIL report also highlights the sheer scale of file keeping involved. Since 2002 the software had stored information on 573,315 people, although such data should have been destroyed after two years. How could the radio station have kept personal data on more than half a million people for so long?
“Neither the radio's managements nor the switchboard operators were aware of the preservation of the data,” Europe 1's secretary general Anne Fauconnier said when contacted by Mediapart. “The preservation of the data over a long period stems from a technical error.”
The station and its staff also insist that Europe 1's system of files at no point led to discrimination relating to listeners going on air. However, this raises the question of what, then, the point was of those written assessments.
In any case, another system of file-keeping, older and even more sensitive, enabled Europe 1 to exclude some listeners from the airways on an irregular basis. It is a ghost file for which CNIL seems to have given no authorisation nor received any declaration. It was a file of callers “banned from the station” and it was discovered at the time of the 2016 inspection.
A total of 448 listeners on a blacklist
According to the CNIL report, a listener was added to this blacklist at the “request of the programme assistant or of the programme's presenter”. Once the caller's number was entered into the system their status as a banned person appeared in the 'Chamane' software. In all, a total of 448 numbers banned from the station were found during the inspection. The oldest dated from an “older database” that went back to 1998, according to the inspectors.
According to the CNIL report these callers to the station were not aware of their prohibited status. And according to what Europe 1's secretary general says, they are probably still not aware of it today. “When an explanation is possible with a listener, the information [editor's note, about them being banned from the station] is passed to them,” she says.
Yet the law is quite clear on the matter as a brief note on CNIL's website shows; blacklists of listeners, like an other kind of blacklist, are strictly regulated. “Essentially, the principle of the blacklist must be carried out on the basis of objective elements, that it should be for a defined duration, the person should be informed of it and they should be able to contest it,” says CNIL's rights protections services, when contacted by Mediapart.
Enlargement : Illustration 2
Europe 1 should have systematically kept its listeners aware of the existence of a blacklist and notified them of their presence on it if required. It did not do so. Did some listeners, unaware they were banned, continue to call the station's premium number (charged at 50 euros cents a minute plus the price of a local call) in the vain hope they could get on to one of the programmes? And if so, for how many years?
The radio station's management prefers to focus on the fact that today there are just five numbers on its banned list.
For after CNIL's inspection, Europe 1 did indeed clean up its 'Chamane' database and also sent an email reminding its switchboard operators of their responsibilities. These and other measures clearly convinced the data commission not to give any publicity to the case, not to refer it to the justice system and not to fine it.
At a restricted session of the data watchdog held behind close doors at its request on January 26th 2017, Europe 1 pointed to the “pressure of live broadcasts” to explain the inept nature of the comments gathered on callers. It also highlighted the free nature of late-night programmes which sometimes dealt with “sensitive” issues which justified the gathering of information of the same type.
But rather than technical issues or the pressures of live broadcasts, the Europe 1 staff contacted by Mediapart emphasised the role of the station's structural problems in leading to the issues with the files. “The phone operators were students who did it two or three times a week to make ends meet,” said one presenter. “There was no real detailed training, they're people who did it on the side.”
One staff member who works on the switchboard explains: “If there had just been one meeting then management would have realised there were irregularities. But I didn't see management visit a Libre Antenne [editor's note, the name of their station's late-night show] during the whole course of a year, not even out of curiosity.”
A fall in the number of listeners and callers also played a role, said the member of staff. “When the switchboard was working well you could have around fifty people who were calling for an [evening show] but sometimes you had just five or six calls, including three who were pissed and another who you had to call back and who didn't reply. You really had to get people onto the station so you delved into the files to find them.”
After considering the issue CNIL decided not to follow the recommendations of its own rapporteur who wrote the report, and not to make public the warning given to Europe 1, despite the many contraventions that had been noted. The decision was a godsend for the radio station which was already in a critical situation in 2017.
Yet this was not the first time that the watchdog has found anomalies in the company's handling of data. In July 2015 the independent body had already put Europe 1 on notice for not respecting the rules when it came to collecting data on its website. The same year CNIL, which had received a formal complaint from a website user, had had to intervene with the company to get that person's details permanently removed from a commercial marketing list.
The question remains: why in 2016 did CNIL not refer the most serious issues that were found during the inspection, such as files kept on people's ethnicity or sexuality, to the prosecution authorities? In fact, the data watchdog has shown itself to be timid when it comes to punishing companies found to be at fault. “We're there to help companies to conform [to the rules]. Not to punish them. At Europe 1 it was, overall, a management issue,” says a member of CNIL who took part in the inspection. “It was not as if the gathering of data was part of their economic model.”
The management of CNIL's rights protection and sanctions unit put forward another reason for the lack of referrals of cases to prosecutors. “We regularly make formal complaints to the prosecution services but not always,” they says. “We carry out 300 inspections a year, if we had to report them systematically that's all we'd do.”
Between 2011 and 2017, CNIL announced sanctions in four cases involving the media. None of their warnings have been made public.
- ------------------------------------------------------------------------------
The French version of this report can be found here.
English version by Michael Streeter