PoPI and the issue of privacy

CCTV Handbook 2015 Surveillance

David Taylor.
David Taylor.

The recently enacted Protection of Personal Information (PoPI) Act, which sets conditions for how organisations can process information, has caused significant upheaval in the South African business environment. Companies are either panicking about how to comply, or conversely opting to pay the fines for non-compliance as they see this as a less onerous option.

However, privacy of information is not a new issue, either locally or internationally. In Europe, information privacy has been a concern since the 1970s, and many countries have stringent laws in place. In South Africa, Section 14 of the Constitution protects the right of privacy of citizens, which PoPI enforces, and the law itself has been in the making for almost a decade.

While PoPI compliance is typically seen as a grudge task, it can in fact be regarded as more than good governance. Privacy of personal information can be used as a driver of competitive advantage in an environment where differentiation is difficult, positioning them favourably to retain and secure new business.

Cloud services have seen a rapid uptake in the local market in recent years, driven by increased availability and affordability of bandwidth. However, in light of the introduction of PoPI, organisations need to take additional cognisance of the abilities of their service providers. Even if an organisation adheres to legislation with the highest standards, policies and procedures in place, relationships with service providers can introduce an element of risk.

The onus is on the company itself to ensure that their data and their customers’ information is protected, regardless of the outsourcing of services, as they will be held liable should information be breached.

Processing personal information

In essence, PoPI is a set of conditions regarding how organisations process and store the personal information of their clients, customers and employees. These conditions include what information may be processed, under what circumstances it can be processed, for how long it may be stored, how information must be maintained, how and when it must be defensibly deleted and who is allowed to have access to it.

This includes all information that resides with an outside service provider, such as is the case with the cloud. Ensuring cloud service providers adhere to PoPI as well as international privacy legislation is therefore essential.

For cloud service providers, the ability to guarantee privacy and compliance with such legalities can be leveraged as a differentiator and a driver of competitive advantage. Personal information is highly valued by customers, and organisations that can assure customers that their information is protected will attract more customers. This trend has already emerged in Europe, and multinational enterprises with a local presence, as well as South African financial institutions are leading the way locally.

PoPI compliance requires organisations to put into place certain legal, organisational and technical measures. However, every organisation is unique, and ensuring PoPI compliance is not a ‘one size fits all’ process. Enterprises must analyse their industry and application laws and regulations governing them in order to identify these requirements on a more granular level. Technology particularly depends entirely on the size and nature of the business, however this aspect is essential as Sections 17 to 22 of the PoPI Act require appropriate security measures to be implemented.

Competitive advantage

Leveraging privacy and PoPI compliance as a driver of competitive advantage requires that all loopholes be closed, and that service providers take into account international legislation as well as local laws. In order to achieve this, they must first be identified, which requires evaluation across three categories.

Firstly, legal matters must be examined – contracts, employee data, supplier data and customer data must all be revised in line with relevant legislation, and a privacy policy needs to be put into place to govern all of these parties. Organisational matters such as the ability to respond to a breach and adequately trained support staff must then be addressed. In addition, physical security is essential in all aspects, from data security to shredding paper-based documents.

Once these areas have been addressed, customer trust can be developed and nurtured. Trust is the basis of loyalty, which is essential for retaining and attracting customers. Compliance with PoPI is not necessarily the onerous and costly task it at first seems to be.

While it may require a certain amount of effort, the benefits have the potential to outweigh this. In a sector like cloud computing, where the technology and service offerings are highly uniform, trust becomes the ultimate differentiator and point of competitive advantage.

For more information contact T-Systems South Africa, +27 (0)11 266 0266, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Human-centric control rooms
Iritron Integrated Solutions Surveillance Residential Estate (Industry)
Iritron and Oculus show that when it comes to control rooms, people, not just technology, are at the centre of the most significant performance differentiators today, not just how efficiently the technology works.

Read more...
Smarter security for safer estate living
neaMetrics Suprema Integrated Solutions Surveillance Access Control & Identity Management Residential Estate (Industry)
The expansion of residential estates has led to many communities being constructed with security as an afterthought. Unfortunately, fencing, cameras, and a guard at the gate only create a false sense of safety, which vanishes after the first incident.

Read more...
Secure, long-distance thermal from Keenfinity
Products & Solutions Surveillance Residential Estate (Industry)
The DINION thermal 8100i camera is a bullet thermal camera built for mission-critical applications, prioritising long-distance monitoring and reliable perimeter intrusion detection with built-in Intelligent Video Analytics (IVA) Pro Perimeter video analytics.

Read more...
IVA AI Pro Visual Gun Detection
Products & Solutions Surveillance Security Services & Risk Management Residential Estate (Industry)
Bosch has announced the launch of the IVA AI Pro Visual Gun Detection analytics based on deep learning. It is designed for automatic detection and classification of people and brandished firearms.

Read more...
IP-based horn loudspeakers
Products & Solutions Surveillance Security Services & Risk Management Residential Estate (Industry)
Bosch has announced the launch of its new IP-based horn loudspeakers and amplifier module: the high-output LHN-UC15L-SIP horn (for long-throw applications), the compact LHN-UC15W-SIP horn (for wide-angle coverage) and the AMN-P15-SIP amplifier module.

Read more...
Identity, Security & Access Alliance focuses on intelligence and integration
SMART Security Solutions Ideco Biometrics BoomGate Systems Bosch Building Technologies Technews Publishing Integrated Solutions Surveillance Access Control & Identity Management
The Identity, Security & Access Alliance (ISAA) hosted several launch events in Johannesburg in August, showcasing the participating companies’ technical solutions with a primary focus on the solutions made possible by integrating high-quality systems to deliver comprehensive solutions.

Read more...
Make BIG and COMPLEX small and manageable
neaMetrics Suprema AI & Data Analytics Surveillance Integrated Solutions
Traditional CCTV and access systems often operate separately, creating gaps in visibility and efficiency. TRASSIR and Suprema have partnered to develop an integrated platform that improves security, operations, and situational awareness.

Read more...
Get the AI fundamentals right
Leaderware Editor's Choice Surveillance AI & Data Analytics
Much of the marketing for CCTV AI detection implies the client can just drop the AI into their existing systems and operations, and they will be detecting all criminals and be far more efficient when doing it.

Read more...
SMART Surveillance Conference in Johannesburg
Arteco Global Africa Technews Publishing SMART Security Solutions Axis Communications SA neaMetrics Editor's Choice Surveillance Security Services & Risk Management Logistics (Industry) AI & Data Analytics
SMART Security Solutions hosted its annual SMART Surveillance Conference in Johannesburg in July, welcoming several guests, sponsors, and speakers for an informative and enjoyable day examining the evolution of the surveillance market.

Read more...
LiDAR protects railways from new and existing dangers
Surveillance
3D LiDAR (Light Detection and Ranging) sensors are being installed to monitor rail traffic and ensure safety of passengers as well as individuals walking near the tracks, or trying to perform dangerous stunts for social media.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.