Public WiFi: How the GDPR will affect your business from 2018

07 Mar

By: Markus Witcomb

GDPR / WiFi Solutions

Comments: No Comments.

In today’s connected World, we take WiFi for granted and increasingly expect it to be made available in most public places; airports, cafes, bars, restaurants, shopping centres and even the High Street.

Beyond the networks being installed by cities and transport networks, and the router-sharing systems operated by BT and many other providers, hotspots provided on retail and public sector premises across the country keep people connected through their day. However, misunderstandings about legal obligations could be limiting the provision of hotspots and compromising users’ privacy.

Businesses that have customers on the premises, from coffee shops to libraries, may offer free (or even paid-for) Wi-Fi as an attraction. By asking users to log in, businesses can also leverage Internet access to generate marketing data from details obtained by registering for the WiFi service.

Nowadays, offering WiFi hotspots are straight-forward and most routers provide the ability for a guest network, allowing you to separate your visitors traffic from your own business traffic. This aids in preventing the public from introducing malware or accessing your own networked devices, however, we would recommend another layer of protection to firewall off your internal network – which of course we can support you with!

QAIST provide secure WiFi solutions to keep your business secure whilst benefiting from offering your customers a WiFi service.

Did you know that by collecting and storing personal information brings responsibilities under the Data Protection Act 1998 (DPA) and all businesses that collect data should be registered with the Information Commissioners Office (ICO).

A new European legal framework is being introduced in 2018 through the General Data Protection Regulation or GDPR, that will heavily penalise companies that do not adhere to the framework from May 2018.

The regulations are complex and this article (nor I) will aim to explain it, but further information can be found on the ICO website where they summarise the similarities with the DPA.

Important: This article deals specifically with the legality of public Wi-Fi in the UK & the uncertainty around Brexit may question how GDPR will apply in the UK, but this should not distract from the important task of compliance with the GDPR.

The GDPR seeks to ensure that data collection across the EU is consistent in its collation and usage and that you should only collate data because of providing a service that the person wants and has agreed to and you use it for its intended purpose.

What does this mean?

Your terms & conditions for your WiFi service, needs to be very clear on what data you are collecting, the reasons why, your intended usage of such data and the ability for the public to opt-in for any marketing, as well as providing them clear instructions on how they can opt-out at any time.

QAIST’s WiFi solutions already include standard and agreed T&C’s that are compliant with the DPA and align with the proposed GDPR framework.

If you are thinking about or currently providing public WiFi and would like to ensure that you’re data processing is compliant, get in touch to see how we can help.

Leave a Reply