In what appears to be the first sanction of its kind imposed on a U.S.-based company, Tyco’s French subsidiary was fined €30,000 (approximately $41,000) by La Commission Nationale de L’informatique et des Libertés (CNIL) for unlawfully transferring employee data across borders and failing to have sufficient safeguards on its data.

The CNIL – France’s data protection authority – began to investigate the multinational corporation when it provided insufficient descriptions of its global human resources database, even denying at one point the use of such a system. The investigation not only revealed that Tyco was indeed using the technology, but that it was an integral part of the corporation’s global management system which allows information to be shared with its overseas counterparts.

Database technology is subject to strict regulation within the European Union, which requires that databases be registered and the information not be shared with entities outside the EU that do not provide an “adequate level of protection” for the data – which, according to the EU, the United States does not offer.

Commentary: We aren’t going to take Tyco to task on this one. The company has made a real solid effort to clean up its ethics and compliance after the Kozlowski affair.

Many corporate compliance and legal departments have been at odds with the EU data protection laws over the past several years – looking at training employees, improving controls, and so forth.