Wednesday, May 23, 2018

Artists and GDPR - what would you like to tell the EU (and ICO)?

This is your opportunity to comment on what you think of GDPR and its impact on artists and small art groups/organisations.

I was asked yesterday to provide a comment to a German news organisation and this morning sent them a written response to the questions they asked - see below.

But as an artist or illustrator or arts organisation WHAT DO YOU THINK?

  • are you aware of GDPR?
  • do you know what you have to do to comply with the new regulation as from Friday 25th May 2018
  • have you done anything to date?
  • are you planning to do anything
  • how do you feel about it?

Please comment below - and you never know your comment might also be incorporated!

Reference to previous posts below (re. GDPR background/actions) and a small treat at the end of this post for those who get that far!

I think maybe the ICO website is having a few problems with demand for information
with only two days left before the Regulation becomes operational



  1. How might the GDPR negatively effect artists and artist organizations? Does simple human oversight and a failure to 'opt-in' before May 25 mean that artistic communities could lose contact with many of the people they rely on to survive? 
  2. Why has the 'one size fits all' roll-out of the GDPR been problematic for artists and art societies? 
  3. Anything else you'd like to add?

my response

The EU comprehensively failed to assess the impact of this change in regulation on the sole trader - and artists are no different from any other sole trader in this respect.

The definition I've seen of a micro business is one with less than 250 employees. We all know full well there are very many active sole traders and and thriving small businesses and trading operations which have anywhere between 1 and 10 employees. Two years ago when this new regulation was approved, both the EU and the national agencies responsible for the implementation of this new regulation totally failed to communicate effectively with sole traders and the real micro businesses (i.e. those with less than 10 employees). As a result, they have only succeeded in frightening them and sending them into a spin with very little time left to implement change. I'd liken it to the complete insensitivity of the disastrous change in VAT levied on digital products in 2015 (such as eBook and video tutorials) which was made without any thought whatsoever for the implications for the sole trader.
The EU needs to stop ignoring the fact there are HUGE numbers of sole traders - including artists - operating within the EU.
  • Sole traders are periodically strangled by EU red tape designed to catch the very large organisations who sidestep and/or ignore regulations and tax.
  • Of course, the EU should tackle the lack of proper security of personal data (and evasion of tax etc.) by corporate entities - but they need to make robust and realistic assessments of the impact of their "one size fits all" regulations on sole traders and extremely small businesses in the process! 
  • The level of change is seismic in its impact for a sole/small trader such as an artist compared to companies which can afford to employ individuals to tackle this topic. It's very likely to succeed in causing much anxiety and choking off economic activity at the grass roots.
However due to the very poor communication, I suspect most artists are still not aware that ANY change is happening on 25th May. Very many will not be aware of the complete range of changes they are expected to make. They will undoubtedly carry on as before. Whether this becomes a problem for them in the future is hard to say. I certainly don't think the regulators should be spending their time chasing after artists who probably don't understand much of the language and terms that the regulations and guidance is written in. 

Lawmakers and regulators should very definitely get their priorities in order and focus all their efforts on holding the corporate giants to account!

and finally......

I've been collecting GDPR Privacy Policies - and if you are at the screaming ab-dabs stage with yours you might enjoy reading this one - The Writers HQ - Privacy Policy


Lis Watkins said...

Thank you for highlighting the impact that GDPR will have on sole trader creatives, Katherine. It would be useful for the ICO to publish templates for sole traders to adapt and use for their own Privacy Policies. Also, I couldn't find any visual art professions in their list of occupations and had to register as a retailer/manufacturer. Employing a legal professional is beyond the budget of many small businesses so direction from the official bodies would be really useful.

Great to see that Writers HQ has approached the subject with a sense of humour!

Waterspice said...

The Writers HQ Privacy Policy is brilliant!!

And totally agree with your blog on the subject, well put as always. Thank you

Papierflieger said...

hello Katherine,

your post about the GDPR has been extremely helpful for me as door opener to the issue. I couldn't find such solid information in Germany. At present there is chaos,panic and false information circling on blogs in Germany. From my point of view too many German bloggers take the opportunity to create traffic to their blogs with promoting panic rather than trying to pass on their own measures of solution.

To answer your questions:

1. I am aware of GDPR and the deadline

2. I have shut down my weblog and created a data protection declaration for the remaining static website built with WIX

3. I am preparing to shut down the wix site and to go back to my good old indexhibit cms which I will host on German provider with full control over any data I might need to collect.
I will not use any social media buttons,google paralytics or any other such modern stuff that collects data beyond my understanding and control.

4. I feel good about it. Dealing with the GDPR has shown me that the benefits that I have as internet user are substantial.

5. I understand that for people/artists who (want to) run a blog with comment function, a shop for online sales, membership managment etc. complying with the GDPR is hell.
I wonder how for example a site like "" will manage that???

Judith Logan said...

Couldn't agree more! Most artists just want to be artists, and there are many out there I've spoken to, who as you said, were quite unaware that it applied to them as well. I'm just after including an updated privacy policy in my Folksy and Etsy shops. I was actually happier with the former since they supplied sellers with a pretty much foolproof template. With Etsy however, they just gave examples and I had to write my own. A solicitor I am not, and there is this slight worry that somewhere down the line it might come back to haunt me.
While it can only be a good thing that the laws are tightening on online privacy, I wish they would take artists' rights just as seriously. I know a fellow artist who discovered through a friend that her work had been stolen to sell as prints, on bookcovers and bookmarks, etc, at a fair, but because of data protection laws, the fair management would not give her the name of the fraudster! Perhaps I'm going off topic, but the irony of it is painful. Anyway, many thanks for your insightful blogposts, as always.

Melissa B. Tubbs said...

Thanks Katherine, this has been a nightmare.

Unknown said...

Well said... Loved the hilarious policy statement and very tempted to use something similar!

Post a Comment

COMMENTS HAVE BEEN SUSPENDED AGAIN due to very silly ignorant people who leave spam comments without realising they have no benefit for them.

Please feel free to comment on my Facebook Page as my blog posts are always posted there (but please note anonymous comments are not published and I block and report spammers to Google and on Facebook)

Note: only a member of this blog may post a comment.