As from May this year, there will be new data laws coming into effect in Europe. Here we take a closer look at how this will affect the growing freelance workforce in the UK.
The new laws, known as General Data Protection Regulations or GDPR will fundamentally change the way personal data is handled by businesses – small or large – within the European Union.
Because these laws are being implemented before the Brexit deadline, freelancers need to know how they can deal with them. Businesses found not to be complying with GDPR are likely to face significant consequences.
What is GDPR?
The new data legislation is intended to improve protection of personal information for EU citizens. The laws will affect all companies dealing with customers from within the EU and will serve to protect data like name, physical address, date of birth and even an individual’s IP address. In other words, GDPR is designed to protect the privacy of information that comprises someone’s online profile.
The consequences of non-compliance are hefty, with a fine of up to €20m or 4% of a company’s turnover, whatever is larger. The penalty is intended to illustrate how seriously the EU takes the issue of data protection.
How Does GDPR Affect Freelancers?
Although the legislation states clearly that it affects companies with more than 250 employees, it is unwise to assume freelancers are off the hook.
Businesses with less than 250 employees, which includes contract workers and freelancers are not exempt from GDPR laws. If you handle sensitive data of any person living within the EU, you need to organise your business to hand over control of that information to the individual it relates to.
Freelancers routinely hold client information together with their bank details in order to keep invoicing records. According to business insurance brokers, Caunce O’Hara: ‘Freelancing is currently a booming economy, with nearly 2 million people working in various freelancing careers around the country. It is an extremely attractive profession even with the oncoming of Brexit and GDPR on the horizon. Of course, these things will cause a shakeup in the industry, but it will adapt.’
How to Prepare for GDPR
The main impact of GDPR on freelancers is that they are required to carry out an audit of all devices used to store client information. As well as the software used to maintain records, freelancers need to be able to provide details of the people who have access to their data, the permissions they have gained to store the information and even where their server is located.
Then, freelancers should ensure the security of the data by encrypting devices like a computer or phone or wherever records are kept and ensure they are protected from malware and viruses. They should maintain secure backups also, just in case devices are lost or stolen.
Even the smallest of mailing lists should be reviewed to ensure you have the consent of all your recipients. This means getting everyone to opt into your list again, to ensure you have recent confirmation of their consent. There should also be an easy way for people to unsubscribe from email mailing lists.
Victory for EU Regulators
GDPR actually represents a bit of a coup for the EU over the mighty Google. For many years behind the scenes, data protection activists in Europe have been seeking stronger measures to protect the privacy of its citizens.
The issue that many are not aware of is that in America, the privacy of personal data is a consumer right, whereas, in Europe, it is a civil right. That means it’s not unlawful in the US to use someone’s personal data to bombard them with targeted deals that match their buying profile. However, in Europe (including the UK), we are fiercely protective of our personal data, particularly when it’s used to sell to us.
The effect of GDPR is impossible to evaluate ahead of the May deadline and there is almost certainly going to be more advice issued after that date. There will also be examples of best practice issued to businesses so that the required changes have been implemented.
In many respects, this is like any other legislative change of the past which has taken time to settle and become incorporated into daily practice among all businesses of all sizes. From a British freelancer’s point of view, it’s not entirely sure what will happen with GDPR regulations post-Brexit although those doing business with EU citizens outside of the UK will still be required to comply.
Signature Works is dedicated to the advancement of freelancers and startups, providing flexible office spaces with everything on hand for members to connect and grow. Membership provides you with the opportunity of attending exciting and informative events, with guest speakers imparting invaluable advice. Find out how Signature Works