German Privacy Laws
It looks like they were trying to skirt the laws themselves by not listening to the conversations. If an employee has a company phone they are generally required to sign a privacy waiver for the company to be able to receive the bill from the carrier since the company is not the party that is using the phone. If such a waiver is in place, then the current security director might not have much to argue about for internal...but external parties...can you say Stasi-esque? The main reason why Privacy Laws are so clear (and should be) are the abuses in the former East including jars containing personal items for dog scent tracking. Total surveillence measures are not viewed favorably as humans have a right to the dignity of not being constantly watched...especially in the workplace. Traffic surveillance methods that obfuscate the device are not permitted despite being technically feasible.
Caveat: If there is suspicion that something illicit is actually going on, then a court order bypasses all right to privacy retroactively if needed.
Would need to read more about it, and I am sure we will. The Lidl thing caused quite a stink...I am wondering how this is going to shake out.