Will GDPR contribute to more agents dying out?
We live in exciting times; our world is more dynamic and inventive than it has been in well over 100 years. But, as is always the case, exciting times are also turbulent times, you can’t have one without the other.
Technology has the potential to allow property to truly fly, shedding the historical weight of inefficiency to reach heights it never previously could. However, this opportunity has bought with it great threat, and with 2018 already set to be a tough year for residential agents, one new governmental reaction to evolving technology could act to make things even harder. Could GDPR cause even more agents to shut their doors than are already expected?
Risking a Fine
The EU General Data Protection Regulation (GDPR) comes into effect on 25th May, 2018. Failure to comply by that date, and on every following day, could result in enormous fines.
This is the most significant data protection act in over 20 years, and the punishment for non-compliance reflects that; fines can reach up to 20 million Euros or 4% of group worldwide turnover, whichever is greater.
These penalties will, of course, be scaled to match the company in breach. So if a small indie firm is fined, it won’t be for 20 million euros. It will, however, be a significant amount. With many agents struggling in the current housing climate, such a penalty could very realistically result in bankruptcy.
In order to avoid GDPR fines, you have to understand what GDPR is, and to do that, you have to have an understanding of how businesses use modern technology. This is a knowledge base that many agents are notoriously shakey on.
Avoiding a Fine
GDPR is wide reaching and all encompassing. It covers every single aspect of personal data that a business collects. And while most agents will be aware of the big ones, like addresses and banking details, many may not realise that the regulations also extend to IP addresses if you offer free Wifi in your offices, and they also include the data you have on your own employees. This is just the tip of the iceberg.
What’s more, GDPR demands you have the ability to store data securely and be able to report any hacks or breaches within 72 hours of them occurring.
For those agents who have yet to succumb to the lure of technology in their day to day businesses, the ability to ensure all of this is nigh on impossible. The size and scale of the required data audit is intimidating to say the least. It covers everything the agent does and everything that any third-party companies or suppliers do, too.
In such a situation, agents are left with a choice; either they hire an external consultant or company to come in and complete their data audit for them, identifying the flaws and explaining the solutions, or they make the leap into the world of technology by moving their everyday processes, those which hoover up personal data, onto a platform which guarantees GDPR compliance in an instant.
The advice of someone in the know
GDPR is a complex beast and very few people out there, especially in property, can claim to be experts on the matter. But we have a friend who certainly knows more than most about personal data rules, so we asked her to give us all a few sage words, and maybe a little advice, about the upcoming regulations.
Laura McLoughney, Data Protection Consultant & Director of Riverlight Developments
“First of all, it is no-one’s intention to go out hunting for fines; the Information Commissioner’s Office (ICO), just want to ensure compliance, not discover non-compliance. It’s a subtle but important difference.
“That said, I think the biggest thing for agents here is awareness. I say educate yourself about your business; understand how information flows, who handles it and how it gets passed along the chain.
“What might leave agents vulnerable is the sheer scale of GDPR and the vast amount of processes that fall under its remit. All of which have to analysed and confirmed as compliant by 25th May. This, again, comes down to having a solid understanding of how your business uses data and technology.
“But then there are agency firms who have the attitude of, “I’m too small, they’ll never find me.” While they might get lucky and this might be true for the ICO, your clients might still find out. Public knowledge is increasing, people are more savvy about their rights as consumers, so this too could leave agents vulnerable and a disgruntled client could easily report suspected non-compliance.
“However, I think agents should also see GDPR as an opportunity. It seems scary but, if agents are already compliant with the current regulations, the groundwork has already been laid. Once compliance has been ensured, agents should then be shouting from the rooftops to let everyone know. It’s a great chance for firms to demonstrate to the world that they are raising the standard. Agents have been getting smacked around of late, GDPR compliance can be a new string to their bow, a way to demonstrate that they are open, honest, forward thinking and innovative.
Basically, I would recommend that agents make GDPR and everything it represents the focal point of their mission statement moving into the second quarter of 2018.”
Two birds and a silver lining
Technology has set in motion the second industrial revolution; like it or not, it’s undeniable. Everything we do in the world of business is moving over to the digital. While many agents have so far managed to thrive without it, it’s simply a matter of time before doing so becomes impossible.
But on 25th May we are entering a new phase of the revolution, one which seals the fate of many legacy software solutions that agents historically put their faith in. Most desktop-based software platforms are not GDPR compliant. Because they cannot be upgraded as simply as a cloud-based platform can, they will soon be rendered useless.
We see this as a two birds, one stone situation. Agents can ensure GDPR compliance across the board and make the essential leap into technology at the same time.
Here at Sprift, we are firm believers in co-creation. We want to work with agents to help build the best possible platform for them. We don’t believe in offering a like-it-or-lump-it platform, instead we want Sprift to be fluid and reactive to agent’s needs as we move into the future.
These are exciting but turbulent times; the arrival of GDPR marks an important milestone in our appreciation for what technology is going to do to our society. And while we can’t do much about that, we do believe that we can work with agents to ensure that, whatever happens, we are all nimble and able to react.
If you want to chat with us about GDPR compliance or anything for that matter, give us a call on 0207 0960847 or email hello@sprift.com