GDPR and Anti-Money Laundering Rules Reshape Art Market Data Practices
The General Data Protection Regulation (GDPR) of the EU, which took effect on May 25, 2018, enforces rigorous data privacy standards on art market intermediaries, including galleries and auction houses, without any exceptions. This regulation expands the definition of personal data to encompass all identifying information. Art businesses are required to document their data processing activities, secure explicit consent, keep detailed records, and ensure accountability. Failure to comply can result in penalties of up to 2% of annual revenue or 4% of global revenue. Meanwhile, the US is developing regulations to categorize art dealers as regulated financial entities for anti-money laundering, akin to Italy. A Hiscox report reveals that 41% of galleries and 24% of online platforms lack awareness of GDPR. The Lisson Gallery is now focused on managing relationships and monitoring various client data that fall under GDPR regulations.
Key facts
- GDPR takes effect May 25, 2018, with no exemptions for the art sector.
- Personal data now includes images, emails, and social media messages.
- Galleries and auction houses must map data processes and obtain specific consent.
- Non-compliance fines: up to 2% of annual turnover or 4% of global turnover.
- US plans to classify art dealers as regulated financial institutions for anti-money laundering.
- Italy already has anti-money laundering rules for art dealers, often ignored.
- Hiscox report: 41% of galleries and 24% of online platforms unaware of GDPR.
- Lisson Gallery's database tracks client purchases, events, artist interests, and dietary needs.
Entities
Institutions
- Artribune
- Financial Times
- Lisson Gallery
- Hiscox
- ANGAMC
- Federculture
- ICOM
Locations
- Italy
- United States