Cellular1.10.2024

Spam call plague in South Africa

An uptick in data leaks detected by the Information Regulator of South Africa shows that many companies — including those that conduct direct marketing — still fail to abide by the Protection of Personal Information Act (POPIA).

In an interview with eNCA, Information Regulator advocate Lebogang Stroom said that POPIA is very straightforward and does not prevent telemarketers from conducting their business.

“POPIA is very clear in what is classified as electronic communication — telephone calls, SMSs, fax, and automated communications,” Stroom said.

She said the Act states that direct marketers are only allowed to contact an individual once, during which the marketer should ask for consent to be able to contact them again.

If consent is not provided, marketers may not contact the individual again, which Stroom said companies fail to do.

“The problem is that company A will call you on a particular number, and they will stop when they are told to stop communications,” Stroom continued.

“However, the next time the same marketers make contact, they will use a different number to bombard you with marketing.”

Stroom said this is wrong and against the objectives of POPIA.

To mitigate this, the Information Regulator is encouraging people to report businesses contravening the Act.

This can be done by completing and submitting a form on its website.

The regulator has noticed that formal complaints haven’t significantly increased despite many South Africans complaining about spam calls.

According to Tshepo Boikanyo, the executive overseeing POPIA at the regulator, this is because many South Africans believe they will be compensated for reporting offenders.

They often abandon their complaints when they realise this isn’t the case.

“When these complaints come to us, we investigate them, and sometime during the course of the investigation, we pick up that data subjects do not have the appetite to continue with these,” Boikanyo says.

“They will then say to us that they thought they would get compensated through the process. Our provisions do not allow for data subjects to get compensation.”

Advocate Lebogang Stroom, Information Regulator of South Africa

Worst spam callers in South Africa

The Information Regulator and TrueCaller have identified insurance companies, debt collectors, mobile operators, and political parties as the most complained-about spam callers in South Africa.

“The Regulator has in the past financial year received complaints against insurance companies where complainants would have alleged that they have been spammed,” the Information Regulator previously told MyBroadband.

It added that while the complaints vary and often relate to other business types, complaints over spam calls from insurance companies are the most common.

“We so far issued an enforcement notice to one responsible party as a result of direct marketing POPIA contravention,” it added.

TrueCaller said it could not share exact figures but listed the categories with the most spam and scam calls reported by South African users.

These are, in no particular order, insurance companies, finance firms, debt collectors, telecommunications companies, political parties, and those committing immigration fraud.

South Africa’s Information Regulator is trying to crack down on unsolicited direct marketing calls in South Africa, beginning with companies that do not remove people from their lists when requested to do so.

In February 2024, the watchdog confirmed that telemarketing amounts to electronic communication and must be regulated under the Protection of Personal Information Act (POPIA).

The regulator will investigate companies found to be contravening the Act and, if necessary, issue them with enforcement notices.

“Following receipt of a complaint on direct marketing, we would conduct an investigation, which may be followed by an enforcement notice,” it said.

However, it noted that it may also carry out a section 89 assessment on its own without a complaint or by request, which will be followed by an assessment report.

“The Assessment Report is equivalent to an enforcement notice,” it said.

The enforcement notice or assessment report will include instructions that the offending company must comply with within a specified time frame.

If they fail to do so, they could be fined up to R10 million or sentenced to jail time.

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter