It is not advisable for South Africans to only rely on the law to protect their personal information, as there are a number of unscrupulous operators out there and various ways in which data can be accessed or breached.
For this reason, people should be very conscious of how they share their data and who they share it with.
The world is still reeling from the news that Facebook shared users’ personal information with a third party, who allegedly used that information for political gain. What can you do, as an individual, to protect yourself from data breaches?
In South Africa, it is said that around 60 000 Facebook users were affected by the Cambridge Analytica data breach, which means that their data was shared with a third party without their permission.
South Africa’s Department of Justice, via the Information Regulator, has asked Facebook for information on how users can be better protected, and to notify all affected users about the breach. This raises important questions about how well South Africans’ data is protected, and what we can do to keep ourselves safe in future.
“South Africa has some advanced legislation that covers how data may be used and what must be disclosed,” says Vera Nagtegaal, the executive head of Hippo.co.za.
“One of the most important laws is the Protection of Personal Information Act or POPIA, which requires all businesses to act responsibly in the collection, storage and sharing of personal data – and it is expected that the law should come fully into effect in the second half of this year.”
These are some of the precautions that you should be taking:
- Consider all your personal information – from bank statements to your ID number to your phone number – to be valuable assets. Only share them if there is a good reason to and if you are certain that the recipient is a trusted business or individual who has a good reason for requesting the information.
- Shred all documents with personal details – especially bank statements – before you put them into the rubbish or recycling.
- Always download software updates for your tablets, phone and PC as soon as they become available. These often contain patches for newly discovered security vulnerabilities.
- Make sure that you have spyware and malware protection on all your electronic devices, including your PC, tablet and cell phone – and never use any other devices to access your social media profiles, internet banking or any websites where you have to enter in your credit card details.
- Look at the privacy settings on all your social media profiles. Set them to the highest level. Also be sure to check what apps on your social media profiles you have given permission to access your data.
- Consider carefully the information that you post online. For example, if you want to show everyone what your new driver’s licence photo looks like, be sure to obscure your identity number. Never show your address or telephone number.
- Never respond to telephonic requests for personal information. If someone claims to be from a legitimate organisation like a bank, ask for a number you can call them back on and verify that they are who they say they are.
- Be suspicious of any email from your bank or insurance company that asks you to provide or validate personal information or account details. Your bank or insurance provider are unlikely to ever do this, so if you receive such an email, phone the relevant financial services provider before doing anything.
- Password protect everything – including your phone, so that if it’s lost or stolen, no one can access the information stored there.
- Be cautious about participating in online quizzes. While some of these are just for fun, many are gathering data. Be especially careful of posts that ask you to reveal what your date of birth or phone number digits reveal about you.
- Don’t participate in voucher scams that ask you to fill in personal details to qualify for free trainers, flight tickets or retail vouchers. Firstly, there are no vouchers, and secondly, you have shared your and your friends’ personal information to qualify.
- Stay abreast of information in the news that may affect any of the products or services that you use, and follow the necessary steps to keep yourself safe.
“It’s a data minefield out there,” says Nagtegaal, “but if you take your data security seriously, and are sceptical of any requests for information, you’ll go a long way to protecting yourself against a data breach.”