GDPR Implications for Wi-Fi Systems

Too many organizations or businesses do not realize that they will be affected by the launch of the General Data Protection Regulation (GDPR), or are not completely prepared for it. If your organization or business is based outside of the EU, you may be thinking that this EU based law has nothing to do with you, but you could be wrong.

The truth is that GDPR applies to any business or organization which handles the personal data of folks who live in European Union countries. It also affects companies in ways that they may not be conscious of.

How GDPR influences Wi-Fi

A business or organization might be fully conscious that GDPR applies to them. It might have set up processes and procedures to cope with concerns like making certain that approved consent is in place, or ensuring that System Access Requests (SARs) can be responded to within the specified 40 days. But how many companies have thought about the effects of their Wi-Fi provision?

A lot of restaurants, coffee shops, bars, and hotels offer free Wi-Fi to customers as a facility. This provision can be expensive, but companies often claw back the expenses by selling their customers’ browsing information to third-parties. Once GDPR turns into law they won’t be able to do this, for any European Union based clients, without having the explicit approval of the person.

It is worth noting that this doesn’t just apply to the business itself, but also to any third-party that offers the Wi-Fi service to them.

According to GDPR, businesses and organizations also must “apply correctly technical and organizational measures to make sure a level of safety appropriate to the risk”. The required measures aren’t defined in GDPR, nevertheless, where Wi-Fi is involved this could include taking measures such as upgrading data encryption.