Subscribe
About

InfoReg accuses SAPS of POPIA non-compliance

Sibahle Malinga
By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 30 Aug 2022

The Information Regulator (InfoReg) says it has issued a summons to the South African Police Service (SAPS), to provide the information watchdog with details related to the release of personal information of the Krugersdorp rape victims by the SAPS.

This follows failure by the SAPS to provide sufficient details by the 15 August deadline, regarding the circumstances that led tothe disclosure of the personal information of eight women who were allegedly raped by a mob in West Village, Krugersdorp, on 28 July.

Following this incident, the InfoReg says it was made aware the personal information of the victims − including their names, ages, home addresses and the nature of the violations against them − had been shared via WhatsApp, allegedly leaked by SAPS officials.

According to the information watchdog, this constitutes interference by the SAPS with the protection of personal information of data subjects (the victims).

“In order to determine whether the SAPS has interfered, or is interfering with the protection of personal information of the data subjects, the regulator had issued an Information Notice in terms of the Protection of Personal Information Act (POPIA) section 90, to SAPS,” says the InfoReg in a statement.

“This demands it furnishes the regulator with certain information, including the purpose for drafting the WhatsApp message and the identity of those individuals to whom the WhatsApp message was circulated (detailing the list of names of recipients, their job titles, employer/s and cellphone numbers to which the message was circulated).”

It also demands information regarding the date/s on which the message was circulated to the recipients, the time and date when the WhatsApp message was circulated beyond the group it was intended for, and the identity of the individuals to whom it was sent. Additionally, it wants to know who circulated the message beyond the original group for whom the message was intended.

For the InfoReg to conduct a thorough investigation, the SAPS must confirm if the message was circulated in any other format or platform other than WhatsApp, it notes.

“Lastly, the regulator needs the SAPS to provide it with a report by the information officer of SAPS recording that the processing of the identities of the rape victims was in compliance with the processing conditions of POPIA and a report on SAPS’s investigation into the circulation of the personal information of the victims,” adds the watchdog.

The regulator says it found the SAPS response to be inadequate, hence the decision to issue a summons to acquire all the information demanded by the IR for the purposes of the investigation.

“We do not take kindly to the non-responsiveness or inadequate responses to issued Information Notices by responsible parties, because this interferes with the regulator’s ability to conduct investigations into reported matters or those initiated by us,” says advocate Pansy Tlakula, chairperson of the regulator.

“This has a serious inditement for the regulator to provide necessary recourse to the victims of whom the right to privacy was possibly violated.”

Share