We all make use of websites on a daily basis. In fact, the latest statistics from global agency We Are Social indicate that the average South African spends over eight hours a day navigating websites and having their personal data collected through engagement on the websites they visit.
Considering this, do we really know how much private and personal information we share and whether this information is truly secure?
The Protection of Personal Information (PoPI) Act is designed to protect the privacy and integrity of a user’s personal data. But what are the implications with regard to digital media?
The Act will have far-reaching implications for digital media, marketing and advertising.
What should be noted is that the Act is not only applicable to the forms we fill in, but also to the cookies we use on a website for analytics, advertising and functional integration like chat tools.
Users of the websites Flow develops are provided with a clear opt-in that acknowledges that they have given consent to the website (the “business”) to collect, process and store their information, and through this, a business should be able to provide clear evidence of this transaction.
So how do we go about ensuring that not only are our users safe through an encrypted experience, when visiting our websites, but that their data is too, and that we are compliant with the requirements of the PoPI Act?
There are dire consequences for any party being convicted of an offence in terms of POPI. A maximum period of imprisonment of 10 years, or an undisclosed maximum fine (each fine to be determined by the relevant court on a case-by-case basis) can be levied. Furthermore, the regulator may institute administrative fines up to an amount of R10 million.
First and foremost, Flow needs to ensure that our websites are secure by making use of an SSL certificate. It is our responsibility to show our users that we have taken due diligence to protect their data. It also means we are compliant with the latest Google trend, which now indicates in the URL bar those websites that are not secure. Putting this in place also goes a long way to improving the overall user experience.
Secondly, we need to ensure that we have a good cookie policy, which indicates who is collecting the information, what the purpose of the cookie is, and how we will be using the data that we are collecting.
Lastly, we need to ensure that the website’s terms and conditions and our privacy policies cover all of these aspects, and that they are clear and concise, leaving no room for ambiguity. The terms and conditions of a website, or the warranty of a product, if unclear, could lead to a consumer not understanding the consequences of certain behaviours or actions.
Flow is well positioned to support our clients through the PoPI compliance process, as it’s an important transition to secure our users’ data and provide the best user experience possible.