Guest WiFi and data protection

When setting up an open WLAN, the principle of user-friendly design and presetting (in accordance with Art. 25 GDPR) must first be observed. In particular, you should be careful when assigning a password for the WLAN that is sufficiently secure according to the state of the art. This means that only actual guests can use the guest WiFi.

In principle, it is advisable to technically separate the guest WLAN from the rest of the company network. In this way, for example, you can prevent attackers from misusing it to compromise the company network.

Although there is no general obligation to log access to the Internet or the respective websites, there is no prohibition on this. In principle, such logging is useful, for example, in the event of use for illegal acts, in order to be able to understand who committed them in the course of using the guest WLAN.

If such logging takes place, you must inform the user in detail in accordance with Art. 13 and 14 GDPR.

After the abolition of the so-called interference liability, operators of a public WLAN can no longer be claimed by copyright owners for removal, omission or compensation if users violate rights, but they can still be obliged to take appropriate measures to avoid violations ( e.g. unlawfully used videos or pictures) in the future. Possible measures are e.g. the blocking of certain services or the use of filters. The measures to be taken must, however, always be proportional or the measure must be reasonable for the operator.

You don’t know how to solve this issue in your company? Do you need professional support in the areas of data protection and IT security or would you like to have these areas checked for GDPR compliance? Just contact us to learn more about how we can help you!

Click here for the contact form.