Warning for companies trading personal information in South Africa

South Africa’s Information Regulator has issued a stern warning to marketing companies and other groups who abuse the Protection of Personal Information Act (POPIA).

The regulator says it has received and concluded preliminary investigations on over 700 complaints from various data subjects since July 2021.

Most complaints received relate to direct marketing, indicating that many responsible parties are not complying with the sections of POPIA relating to unsolicited electronic communication and consent, justification, and objection.

Presenting at a recent media breakfast, the regulator said it has received a notification from the National Credit Regulator regarding a report about entities engaging in the sale of personal information of consumers, such as:

  • Names and surnames;
  • Identity numbers;
  • Contact numbers;
  • Credit scores;
  • Consumer debt review statuses.

“We are warning responsible parties that continue to trade in personal information that this is in violation of POPIA, and we will not tolerate it. We are sending an unequivocal message to players in the credit granting and direct marketing sectors of our economy: this must stop.”

The regulator said the country is experiencing an alarming rate of security compromises with over 330 reports of data breaches being recorded since POPIA became effective just over a year ago.

Web Search Engine

To address this, the regulator has decided to establish a dedicated unit to conduct extensive investigations and assessments into these security compromises and will issue reports with findings and recommendations. These reports will be deemed to be enforcement notices, it said.

Commentary by Era Gunning and Rakhee Dullabh of legal firm ENSAfrica.

Read: New features coming to WhatsApp – including ‘stealth mode’

Artmotion S.Africa

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button