Articles
PoPIA's telemarketing loophole: Can it be closed?
-
8 months ago
During a recent television news interview, the chairperson of South Africa’s Information Regulator, Advocate Pansy Tlakula, announced the imminent completion of a Direct Marketing Guidance Note aimed at helping the direct marketing sector, especially telemarketers, to adhere to the Protection of Personal Information Act 4 of 2013 (PoPIA). This development follows persistent grievances voiced by the South African public regarding the receipt of unsolicited telemarketing calls, notwithstanding their lack of consent.
Section 69 of PoPIA is clear in its position regarding the prohibition of ‘direct marketing by means of unsolicited electronic communications’. But the news coverage programme suggested a potential loophole within PoPIA that certain ‘telephone companies’ may be exploiting. The upcoming Direct Marketing Guidance Note intends to address this issue.
The loophole
Tlakula highlighted a loophole stemming from the ambiguity in defining what constitutes as 'electronic communication' under PoPIA. The Act specifies 'electronic communication' as “any text, voice, sound or image message sent over an electronic communications network which is stored in the network or in the recipient’s terminal equipment until it is collected by the recipient”.
Tlakula pointed out that since some telemarketers believe that telephone calls occur in real time and are technically not ‘stored’ in any network – there exists a ‘loophole’ for telemarketers to assume the position that telephone calls are not covered under the scope of the ‘electronic communications’ definition contained in PoPIA.
Furthermore, Section 69 of PoPIA prohibits the processing of personal data of the person to whom personal information relates, for direct marketing through electronic means, including automated calls, fax, SMS, or e-mail, without explicitly mentioning live telephonic communications. This omission further widens the loophole, suggesting that telephone calls with live human interaction might not be covered by the protections of Section 69 of PoPIA, allowing more room for interpretation and potential exploitation by telemarketers. It is expected that the Information Regulator will, by way of its intended Direct Marketing Guidance Note, take a stance on where they intend to specifically incorporate such telephone communications within PoPIA.
Tlakula is unable to provide a timeline as to when such expected Note will be passed, since there is still an outstanding phase in its finalisation requiring consultation with the public and direct marketing sector. It is hoped that these consultations will ensure that no other gaps or discrepancies in direct marketing under PoPIA will exist.
Enforcement notice
In the broadcast, Tlakula also touched on the critical issue of securing consent from individuals for direct marketing activities under Section 69 of PoPIA. The lack of consequences for companies that carry out direct marketing activities without the explicit consent (or after the withdrawal of consent) from individuals led the Information Regulator to issue its first 'enforcement notice' on 27 February 2024.
This notice was directed at FT Rams Consulting, a training provider found to be in violation of PoPIA's stipulations. Through the enforcement notice, the Information Regulator outlined specific guidelines for entities (defined in PoPIA as responsible parties, including both public and private bodies that determine the purpose and means of processing personal information) on the proper procedure for obtaining consent from consumers. It mandates that the initial communication with consumers must seek their consent and allow them to choose their preferred communication method.
The notice requires FT Rams Consulting to create and maintain a database to record the details of consumers who have either consented to direct marketing and later revoked it or have never given their consent. This measure aims to ensure there is a verifiable process in place to prevent any future unauthorised contact with these individuals, effectively closing the gap for repeated outreach without consent.
These measures are indicative of the Information Regulator’s commitment to ensuring that the public is afforded their full scope of protection as envisaged in PoPIA. Responsible parties, which includes telemarketers, are encouraged to strictly align their mandates with PoPIA in order to avoid incurring any penalties contained in PoPIA, which can comprise of fines of up to R10m and / or imprisonment for a period not exceeding 10 years or both.
Related Articles Posts
Categories
Popular Post
-
SA’s IT spend to outpace GDP growth 1 year ago
-
Vodacom, Netstar launch free in-taxi Wi-... 1 year ago
-
South Africa under pressure to fill cybe... 1 year ago
-
Organisations with a strong employee val... 1 year ago
-
Joint policy-in-action event highlights... 1 year ago
-
Boost your digital transformation journe... 1 year ago