SANRAL E-TOLL WEBSITE VULNERABILITY

Here we go again. Broken record much?

Okay, okay, okay, let me post the act...

85.
In this Chapter, unless the context indicates otherwise—
"access" includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data.

Unauthorised access to, interception of or interference with data

86.
(1) Subject to the Interception and Monitoring Prohibition Act, 1992 (Act No. 127 of 1992), a person who intentionally accesses or intercepts any data without authority or permission to do so, is guilty of an offence.

This act and section were specifically written to protect any data without placing any further burden on the owner of the data.
 
Unfortunately the CPA will have no influence on criminal proceedings related to the ECT Act - section 85 and 86(1).

Certainly, but a whole lot of people can make a case against Sanral.
 
Certainly, but a whole lot of people can make a case against Sanral.

If I remember correctly, this was already discussed in the COJ thread. There actually is no act any company can be charged with criminally. The only act that could have an effect is the POPI act, but there are still 2 or perhaps more years before the act will be enforced. So, there is not much, if anything, that can be done against these companies.

Believe me, if there was, MyBB users would have been the first to already have laid charges against the COJ.
 
No, they have to secure your data.

But, the act and sections under which the charges are laid do not require data to be protected - at all.

Ok, learning a lot, so what recourse then does a citizen have then when you are forced into a registration process, where you are publicly and contractually assured that your information is secure, when it is compromised?

This is irrespective of the charges that have been laid against whoever, this is as a member of the public, whose 'secure' information has been published to the world, i.e. compromised!
I would imagine at this stage a level of security would need to be assessed, if it was an open door or a vault that the (cough) hacker went through etc. But where does this leave you as Joe Public?
 
In other words, you (House) are saying that the Act says that if you look at something (even a sheet of paper) and you become aware that you should not be looking at it, and you continue to look at it, then you are contravening the law.

So if some forgetful government employee leaves a piece of paper on a bar counter, and you glance at it and based on what you see written there you conclude that you should not be looking at it (ie it has top secret stamped on it somewhere) then you can be prosecuted for contravention.

Very interesting - this definitely needs challenging in the context of the Internet where anything that is stored on a publicly accessible server is deemed to be public.

Exposing a server to the Internet is like having a table set up on the sidewalk outside your business - anything you don't want people to see should not be on that table, or should be in a secure box that is locked. If you leave it unlocked, then you are being negligent.

Hard to believe that the Act can be as naive as it's presented here, but then what do I know, I'm no legal expert.
 
Ok, learning a lot, so what recourse then does a citizen have then when you are forced into a registration process, where you are publicly and contractually assured that your information is secure, when it is compromised?

This is irrespective of the charges that have been laid against whoever, this is as a member of the public, whose 'secure' information has been published to the world, i.e. compromised!
I would imagine at this stage a level of security would need to be assessed, if it was an open door or a vault that the (cough) hacker went through etc. But where does this leave you as Joe Public?

Firstly, where to complain? Honestly I do not know. Personally I would lodge a complaint at some consumer complaints commissioner, but I think that is about all that can be done to force them to protect your information sufficiently. That is until the POPI act comes into effect.

Right from the onset of the COJ case I knew that criminal charges will be laid and informed people of that. The only reason being the manner in which the incident was made public.

Again, my recommendation would be to approach the institution. If they do not respond, approach a media institution such as MyBB or any newspaper. They have sufficient legal advice on what to publish and how to publish it. One must always be careful, as good intentions can end you up on the wrong side of the law - as with the COJ case.
 
In other words, you (House) are saying that the Act says that if you look at something (even a sheet of paper) and you become aware that you should not be looking at it, and you continue to look at it, then you are contravening the law.

This is not what I am saying, in fact, this is what the law says. Actually, written almost exactly as you typed.

So if some forgetful government employee leaves a piece of paper on a bar counter, and you glance at it and based on what you see written there you conclude that you should not be looking at it (ie it has top secret stamped on it somewhere) then you can be prosecuted for contravention.

So if some forgetful government employee leaves a piece of paper on a bar counter, and you glance at it and based on what you see written there you conclude that you should not be looking at it (ie it has top secret stamped on it somewhere) AND YOU LOOK AT IT AGAIN then you can be prosecuted for contravention.

Yes.

Very interesting - this definitely needs challenging in the context of the Internet where anything that is stored on a publicly accessible server is deemed to be public.

There are several aspects of the ECT act that need challenging. I agree with that.

Exposing a server to the Internet is like having a table set up on the sidewalk outside your business - anything you don't want people to see should not be on that table, or should be in a secure box that is locked. If you leave it unlocked, then you are being negligent.

Almost all websites, online retailers and digital goods sales are hosted on public servers. Digital products are stored (obscurely) on the very same servers. Scripts are being used to render download links once payments are made. This does not mean if someone figures out the location of the goods they can download it for free...

Hard to believe that the Act can be as naive as it's presented here, but then what do I know, I'm no legal expert.

Nothing is naive here.
 
Which seems to be what SANRAL is doing ???

Unlimited and free e-Natis access has been given to them by government.

PayMyFines are indirectly their own venture and legally they can give one another access to the data.

Any company, for legal reasons, such as credit lending, tracing, fraud identification and prevention are free to sign up with any credit bureau.

So, unless you know of any other place they get data from 'illegally' I still fail to see where they are in contravention of the - or any act.
 
Unlimited and free e-Natis access has been given to them by government.

Which they are not really using, since I have seen a number of examples of them using old data.

So, unless you know of any other place they get data from 'illegally' I still fail to see where they are in contravention of the - or any act.

Some of their data acquisition seems suspicious - let's wait and see !
 
Which they are not really using, since I have seen a number of examples of them using old data.

The truth behind the whole e-Natis affair is that e-Natis is not able to offer them direct access to their system, due to the large number of queries, which will cause the system to fall over. Instead, it was decided that e-Natis will provide them with a copy of their database, which will be updated on a regular basis.

What happened after this is quite clear. Either they never received any updates or they do not have the technical expertise to keep the data updated. They are basically working from a 2-3 year old e-Natis database at this time.



Some of their data acquisition seems suspicious - let's wait and see !

Agreed, I would also like to see where they got their other data from. I am almost willing to bet a lot of money that they bought data from banking institutions and retail institutions. I know the sale of data between banks, insurance and retail companies is a huge business today.
 
Which they are not really using, since I have seen a number of examples of them using old data.


Some of their data acquisition seems suspicious - let's wait and see !

From what I have seen ENATIS data is really of bad quality. Their contact details are outdated as the base is not properly managed or updated.

You are correct in saying their data acquisition seems suspicious, as they would not really use the traditional routes as those would prove way too expensive.
 
If I remember correctly, this was already discussed in the COJ thread. There actually is no act any company can be charged with criminally. The only act that could have an effect is the POPI act, but there are still 2 or perhaps more years before the act will be enforced. So, there is not much, if anything, that can be done against these companies.

Believe me, if there was, MyBB users would have been the first to already have laid charges against the COJ.

Consumers have the right to quality service: chapter 2, part H, sections 54-55.

https://www.saica.co.za/Portals/0/Technical/LegalAndGovernance/Consumer%20Protection%20Act%2068%20of%202008.pdf
 