Expanding your team is a hallmark of agency success, allowing you to diversify services and capitalise on new trends. However, with traditional recruitment stagnating in recent years, many agencies have turned to freelancers and the gig economy to maintain agility. The debate of whether to hire a freelancer or a full-time employee remains, but there are certainly compelling reasons to go the freelance route. Not least, it allows digital agencies a lot more flexibility, autonomy, and financial freedom.
However, many make the mistake of not seeing the bigger picture with freelance arrangements. By not looking beyond project timelines, deliverables and workloads, they fail to consider possible legal ramifications of a freelancer’s mistake, which could come back to haunt the agency. Whether it’s an innocuous GDPR oversight, aggressive client interaction, or a more severe lapse in proper security etiquette causing a security breach, the lack of traditional contractual responsibility doesn’t automatically absolve you of blame.
Recent legal precedents have reshaped how UK courts view employer responsibility. So, it’s important for agencies to understand their position when freelancers make costly and invariably damaging mistakes.
Vicarious liability is a legal principle that holds organisations accountable for wrongful acts committed by their workers. The case of Mohamud v WM Morrison Supermarkets established that even unauthorised conduct can trigger vicarious liability if actions occur within the general scope of employment duties. For a comprehensive guide addressing this specific case, together with the complex legal principles governing when organisations become liable for actions of employees, the resource offered by the well-established legal practice George Ide LLP, can prove helpful to understand your business’ potential risk exposure.
A further consideration is that freelancers are not necessarily classed in the same vein as full-time employees, and understanding employers’ responsibilities in this area can therefore be more grey. Freelancers invariably operate without as much supervision as regular workers, and aren’t held to the same standards necessarily. In the eyes of many employers, they are employed on an ad-hoc basis to fulfil a rudimentary set of tasks and jobs.
However, depending on the level of access you grant freelancers to your proprietary systems, accounts and data to complete such tasks, you could be exposing your business to greater risks, particularly with regard to cyber security. For agencies, a case in point is when a freelance developer accidentally exposes client data or a contractor falls victim to a phishing attack that compromises your systems. Being able to clarify whether they are legally responsible, can be a difficult question to answer.
UK courts apply a two-stage test to determine vicarious liability. First, the wrongful action must have occurred during the course or scope of employment. Second, there must be a sufficiently close connection between the worker’s authorised activities and the breach.
However, it’s not prudent to test this through the courts, particularly when business data and reputation can be adversely affected within minutes. So, while this illustrates the need for legally watertight contracts, the salient point is that they alone cannot protect a business from liability.
Companies using freelance networks have a distinct risk profile and one which is hard to bolster. Common vulnerabilities include:
Regardless of incumbent contractual arrangements, businesses may be forced to defend expensive legal claims. Vicarious liability doesn’t vanish because a worker is classed as a contractor or sole trader.
Most businesses turn to professional indemnity insurance as a solution, under the auspices that it covers all potential liabilities. However, standard policies don’t always include cyber-related incidents, nor do they impose unlimited coverage limits that fall short of claim values. Recent data by Bruce & Butler, highly-regarded cyber security experts, suggests that over 60% of UK businesses operate without sufficient cyber liability insurance, which is alarming.
Professional indemnity insurance typically covers negligence, breach of contract, and intellectual property or copyright infringement. Cyber liability insurance is worth exercising when concerning data breaches, malware incidents, or mistakes that affect technology or data integrity. Agencies and businesses leveraging freelancer networks should consider both forms of protection to ensure maximum coverage.
Business owners everywhere, however extensively a freelance network is used, should implement several key protective measures:
Understanding specific contractor or freelancer insurance can be difficult, depending on what you’re hiring them for. For detailed guidance on freelancer insurance products, coverage and criteria, consult the guide published by Small Business UK, a leading resource for SMEs and best small business advice.
The thought of contractor and freelancer insurance, alongside more protocols and processes to your existing operations may cause you to let out a loud groan. While they may be an administrative headache, it’s important to recognise that engaging freelancers without proper safeguards could put you in legal hot water in the event of an incident. Even if the risk is low, having the assured peace of mind that you and your company are covered can be invaluable.
Rather than viewing contractor insurance requirements as another bureaucratic obstacle, treat it for what it really is: a fundamental layer of security. The cost of ensuring sufficient freelancer coverage doesn’t come close to the potential costs of liability exposure or reputational damage suffered after a serious incident.
Working with legal advisers, insurance brokers and trusted freelance networks ensuring client data is respected at every stage, will give you the best possible chance to navigate these rocky waters with confidence.