I was asked yesterday to provide a comment to a German news organisation and this morning sent them a written response to the questions they asked - see below.
But as an artist or illustrator or arts organisation WHAT DO YOU THINK?
- are you aware of GDPR?
- do you know what you have to do to comply with the new regulation as from Friday 25th May 2018
- have you done anything to date?
- are you planning to do anything
- how do you feel about it?
Please comment below - and you never know your comment might also be incorporated!
Reference to previous posts below (re. GDPR background/actions) and a small treat at the end of this post for those who get that far!
- August 2017: Is your art organisation or business ready for GDPR - the replacement of the Data Protection Act?
- March 2018: Got the GDPR Jitters? 10 things you need to know as an artist / art society / art gallery
- May 2018: Art Galleries and GDPR
plus my page on Data Protection - General Data Protection Regulation for Artists and Art Organisations
 |
| I think maybe the ICO website is having a few problems with demand for information with only two days left before the Regulation becomes operational |
___________________________________
questions
- How might the GDPR negatively effect artists and artist organizations? Does simple human oversight and a failure to 'opt-in' before May 25 mean that artistic communities could lose contact with many of the people they rely on to survive?
- Why has the 'one size fits all' roll-out of the GDPR been problematic for artists and art societies?
- Anything else you'd like to add?
my response
The
EU comprehensively failed to assess the impact of this change in
regulation on the sole trader - and artists are no different from any
other sole trader in this respect.
The definition I've seen of a micro business is one with less than 250 employees. We all know full well there are very many active sole traders and and thriving small businesses and trading operations which have anywhere between 1 and 10 employees. Two years ago when this new regulation was approved, both the EU and the national agencies responsible for the implementation of this new regulation totally failed to communicate effectively with sole traders and the real micro businesses (i.e. those with less than 10 employees). As a result, they have only succeeded in frightening them and sending them into a spin with very little time left to implement change. I'd liken it to the complete insensitivity of the disastrous change in VAT levied on digital products in 2015 (such as eBook and video tutorials) which was made without any thought whatsoever for the implications for the sole trader.
The definition I've seen of a micro business is one with less than 250 employees. We all know full well there are very many active sole traders and and thriving small businesses and trading operations which have anywhere between 1 and 10 employees. Two years ago when this new regulation was approved, both the EU and the national agencies responsible for the implementation of this new regulation totally failed to communicate effectively with sole traders and the real micro businesses (i.e. those with less than 10 employees). As a result, they have only succeeded in frightening them and sending them into a spin with very little time left to implement change. I'd liken it to the complete insensitivity of the disastrous change in VAT levied on digital products in 2015 (such as eBook and video tutorials) which was made without any thought whatsoever for the implications for the sole trader.
The EU needs to stop ignoring the fact there are HUGE numbers of sole traders - including artists - operating within the EU.
- Sole traders are periodically strangled by EU red tape designed to catch the very large organisations who sidestep and/or ignore regulations and tax.
- Of course, the EU should tackle the lack of proper security of personal data (and evasion of tax etc.) by corporate entities - but they need to make robust and realistic assessments of the impact of their "one size fits all" regulations on sole traders and extremely small businesses in the process!
- The level of change is seismic in its impact for a sole/small trader such as an artist compared to companies which can afford to employ individuals to tackle this topic. It's very likely to succeed in causing much anxiety and choking off economic activity at the grass roots.
However
due to the very poor communication, I suspect most artists are still
not aware that ANY change is happening on 25th May. Very many will not
be aware of the complete range of changes they are expected to make.
They will undoubtedly carry on as before. Whether this becomes a problem
for them in the future is hard to say. I certainly don't think the
regulators should be spending their time chasing after artists who
probably don't understand much of the language and terms that the
regulations and guidance is written in.
Lawmakers
and regulators should very definitely get their priorities in order and
focus all their efforts on holding the corporate giants to account!
and finally......
I've been collecting GDPR Privacy Policies - and if you are at the screaming ab-dabs stage with yours you might enjoy reading this one - The Writers HQ - Privacy Policy
Thank you for highlighting the impact that GDPR will have on sole trader creatives, Katherine. It would be useful for the ICO to publish templates for sole traders to adapt and use for their own Privacy Policies. Also, I couldn't find any visual art professions in their list of occupations and had to register as a retailer/manufacturer. Employing a legal professional is beyond the budget of many small businesses so direction from the official bodies would be really useful.
ReplyDeleteGreat to see that Writers HQ has approached the subject with a sense of humour!
The Writers HQ Privacy Policy is brilliant!!
ReplyDeleteAnd totally agree with your blog on the subject, well put as always. Thank you
hello Katherine,
ReplyDeleteyour post about the GDPR has been extremely helpful for me as door opener to the issue. I couldn't find such solid information in Germany. At present there is chaos,panic and false information circling on blogs in Germany. From my point of view too many German bloggers take the opportunity to create traffic to their blogs with promoting panic rather than trying to pass on their own measures of solution.
To answer your questions:
1. I am aware of GDPR and the deadline
2. I have shut down my weblog and created a data protection declaration for the remaining static website built with WIX
3. I am preparing to shut down the wix site and to go back to my good old indexhibit cms which I will host on German provider with full control over any data I might need to collect.
I will not use any social media buttons,google paralytics or any other such modern stuff that collects data beyond my understanding and control.
4. I feel good about it. Dealing with the GDPR has shown me that the benefits that I have as internet user are substantial.
5. I understand that for people/artists who (want to) run a blog with comment function, a shop for online sales, membership managment etc. complying with the GDPR is hell.
I wonder how for example a site like "dailypaintworks.com" will manage that???
Couldn't agree more! Most artists just want to be artists, and there are many out there I've spoken to, who as you said, were quite unaware that it applied to them as well. I'm just after including an updated privacy policy in my Folksy and Etsy shops. I was actually happier with the former since they supplied sellers with a pretty much foolproof template. With Etsy however, they just gave examples and I had to write my own. A solicitor I am not, and there is this slight worry that somewhere down the line it might come back to haunt me.
ReplyDeleteWhile it can only be a good thing that the laws are tightening on online privacy, I wish they would take artists' rights just as seriously. I know a fellow artist who discovered through a friend that her work had been stolen to sell as prints, on bookcovers and bookmarks, etc, at a fair, but because of data protection laws, the fair management would not give her the name of the fraudster! Perhaps I'm going off topic, but the irony of it is painful. Anyway, many thanks for your insightful blogposts, as always.
Thanks Katherine, this has been a nightmare.
ReplyDeleteWell said... Loved the hilarious policy statement and very tempted to use something similar!
ReplyDelete