Protect | 5 October 2018

The elephant in the room: confidentiality and co-working spaces

Reading Time: 2 minutes

Co-working spaces have soared in popularity recently, providing creative work atmospheres for freelancers, small business and larger organisations. These engaging and collaborative environments are also affordable and designed to create networking opportunities with other companies and potential new clients. But this desire to foster collaboration, results in their open floor plans and shared work spaces also providing opportunities for your confidential information to be put at risk.

What does the law say?

Outside ADGM and the DIFC, there are no specific laws on confidentiality and data protection but there are provisions in the Constitution, the Civil Code (Federal Law No. (5) of 1985), the Penal Code (Federal Law No. (3) of 1987) and other laws referring to “secrets” and “privacy”. So it is better to adopt a more cautious approach to protect your business’ confidential information (particularly your client’s confidential information) because disclosing “secrets” without a person’s consent may attract liability – possibly criminal. Employees who disclose information belonging to their employer may also be criminally liable.

What can I do to protect my confidential information?

There are a number of easy things you can do to protect your business when you and your employees use co-working spaces:

•  Devices: make sure all your devices are password protected.

•  Lock them up: keep your devices locked whenever you are away from them – no matter how brief you think your absence will be. If you step away from your laptop or tablet to take a phone call, leave them locked.

•  WiFi: understand the risks of using a shared network and take appropriate data protection precautions.

•  Cloud storage: use two-factor authentication and other cybersecurity measures.

•  Get a room: use the private rooms for discussing confidential matters and meeting with any clients.

•  Open air chat: avoid discussing confidential issues in open spaces (whether in person or on the phone).

•  Workflows and practices: can you insist that sensitive information is sent by email or instant message rather than over the phone?

•  Employees: include confidentiality obligations in your employment agreements and have policies on working in co-working spaces.

•  Clients and other third parties: do you have any contractual obligations to your clients or other third parties? Have you signed up to any confidentiality agreements, tender documents or other agreements which contain confidentiality obligations? What do your terms of business say about confidentiality?

•  Keep it tidy: don’t leave any hard copies containing confidential information lying around.

•  Storage: do you need to store documents or other confidential information when you aren’t there? Does the co-working space provide secure storage?

•  Printing: take care when using shared printers and copiers. Ensure that no-one makes copies of your printed documents without you knowing.

•  Marking hard copies: mark any confidential information with “confidential”.

•  Terms and conditions: reputable co-working spaces will include terms requiring users to keep information confidential.

Incubators and accelerators

If you want to work in a co-working space but have particularly sensitive information or are not comfortable with the confidentiality arrangements of the space, consider an incubator or accelerator as an alternative. Incubators and accelerators have many of the same benefits as co-working spaces but have a vested interest in the success of their startups so they are more likely to take a firmer stance on confidentiality arrangements.