In Focus Commercial Credit
Is it too late to think again about GDPR?
The new Data Protection Bill risks being the ‘death knell’ for many small businesses across a range of sectors
Ian Cass Chief executive, the Forum of Private Business
I would like to call on the government to form a working group to consider the impact on small businesses of the proposed GDPR legislation following the announcement of the bill, last month, to be discussed in parliament after the recess, as a lack of clarity on what small business can and cannot do in terms of data use will lead to inertia through fear of breaking the new rules. I would cite four main concerns: l That only larger businesses, with in- house compliance guidance, or the budget to employ outside consultants, have paid any attention to what the implications of the legislation are. Inadequate guidance has been given by the Information Commissioner’s Office to help small businesses, and there appear to be areas of the bill that are open to interpretation which do not give the clarity that small businesses need. lWhilst the focus of the legislation is towards protecting personal data, there seem to be material unintended consequences that could impact small businesses. The main focus, so far, has been on how big business manages personal data, and inadequate attention has been given to how these changes may affect small businesses. l The way many small businesses operate in today’s world relies upon electronic communication with existing and prospective customers. Many businesses rely on e-mail lists for their marketing, and the prospect of obtaining overt consent, and maintaining consent records, is one that many businesses will simply not be able to cope with. l Small and micro businesses already face a disproportionate cost of complying with regulations when compared to big business. The potential for many of them now to
14
There is the potential for this legislation to impact the way many of these businesses operate and market themselves, and even force them to close
have to employ or train staff to deal with compliance on data management, or buy online data-management tools, will be a burden that some will not be able to accommodate, and the threat of the draconian fines that attach to breaches of GDPR will be sufficient to lead some firms simply to close down.
The economic engine Many people will welcome tighter controls on who owns their personal data and how it is used, and, as such, the intent of the
www.CCRMagazine.co.uk
GDPR legislation is fine, but it appears that no-one in power has thought about the small and micro businesses that make up 98% of the UK’s 5.2 million businesses, account for more than half of the country’s employment and are the economic engine of the high street. There is the potential for this legislation
to impact the way many of these businesses operate and market themselves, and even force them to close down. Minister of state for digital and culture Matt Hancock’s comments in his press statement last month reassuring that “businesses will be protected” gives no comfort whatsoever whilst there is so much uncertainty about what will be allowed, and also which actions will be heavily fined. The government must urgently establish
a dedicated working group, on which we would be pleased to play our part, to ensure all MPs are fully briefed on the potential impact on their constituency businesses before they are required to vote. CCR
September 2017
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52
