When providing Public Wi-Fi you need an effective management system in place that can not only ensure compliance with the law but also manage your bandwidth, users and provide the following functions:
Discourage illegal downloading
The Digital Economy Act 2010 is designed to implement steps to reduce online copyright infringement by end users such as illegal downloading of copyright material and illegal file sharing. The regulations are a bit of a grey area but you could be fined up to £50,000 for customers or staff downloading copyrighted material.
A case was reported recently where a pub owner allegedly received an £8000 fine because a user had downloaded copyrighted material over his open Wi-Fi hotspot. Whether he was fined in the end is unclear but it is a good reason not to allow the public un-managed internet access.
Think this will never happen to you? We already receive emails from internet service providers (ISP) to say that illegal activity is happening on certain networks. They are able to tell you the IP address, the film they downloaded, and when. We can then track down the person and block them from using the network.
Discourage criminal activity
Under the Anti-Terrorism, Crime and Security Act 2001 you need to be able to identify who is using your network. Authorities worldwide track illegal activities by tracing suspicious internet traffic back through the ISP. This is very difficult to do without the proper infrastructure in place. Anyone can install a wireless access point on their network and say they provide Wi-Fi but this is insufficient and could potentially allow users access to your own data.
GDPR and Data Protection
The EU General Data Protection Regulation (GDPR) came into effect on the 25th May 2018.
This regulation is complex but if you provide Free Wi-Fi you must only collect personal data for providing a service that your client has both requested and given consent to their data being used for its intended purpose. In other words, users must consent to their personal data being used for marketing purposes (personal data can include their IP address).
Regardless of Brexit, the UK still needs to comply and fines can be up to 5% of your turnover if you don’t.