Close Menu
  • Homepage
  • News
  • Cloud & AI
  • ECommerce
  • Entertainment
  • Finance
  • Opinion
  • Podcast
  • Contact

Subscribe to Updates

Get the latest technology news from TechFinancials News about FinTech, Tech, Business, Telecoms and Connected Life.

What's Hot

Pepe Coin Price Forecasts; Floki Inu Latest News & Top Crypto Investment To Make In 2025

2025-08-31

BNB Hits $900 In August As Analysts Give Their Latest Binance Coin Price Predictions

2025-08-31

SUI Price Prediction: Remittix Expected To Rise Over 4,000% This Year After Winning Top Crypto Presale Award

2025-08-31
Facebook X (Twitter) Instagram
Trending
  • Pepe Coin Price Forecasts; Floki Inu Latest News & Top Crypto Investment To Make In 2025
Facebook X (Twitter) Instagram YouTube LinkedIn WhatsApp RSS
TechFinancials
  • Homepage
  • News
  • Cloud & AI
  • ECommerce
  • Entertainment
  • Finance
  • Opinion
  • Podcast
  • Contact
TechFinancials
Home»Boardroom Games»Are South Africans Sacrificing their Rights by Allowing Phone-Tracking?
Boardroom Games

Are South Africans Sacrificing their Rights by Allowing Phone-Tracking?

ContributorBy Contributor2020-04-28Updated:2020-04-28No Comments6 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
Smartphone on wheels. Sashkin / Shutterstock.com
Smartphone on wheels. Sashkin / Shutterstock.com
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

by Alison Gillwald; Anri van der Spuy, and Gabriella Razzano

Tracking people infected with COVID-19 has become an important weapon in global responses to combatting the virus. Through the use of geo-location, mobile technology offers a simple solution for tracing people possibly exposed to COVID-19. With big data analytics there is the potential for tracking the pandemic’s spread, and employing analytics to forecast future patterns of contagion.

But at what cost? These are exceptional times calling for extraordinary measures. But do they justify the wholesale sacrifice of our rights? Concerns loom large across the globe. More than 100 civil society signatories and intergovernmental organisations have already warned as much in a joint letter.

The mobile phone industry is reportedly exploring the creation of a global data-sharing system that could track individuals around the world. For now, however, monitoring appears to be happening at national-level.

South Africa has joined several governments in passing regulations that allow the collection and storage of data from mobile companies. It has also appointed a former Constitutional Court Justice, Kate O’Regan, as the COVID-19 Judge. Her job will be to oversee data collection for the country’s contact-tracing database led by the Director-General of Health, Dr Anban Pillay.

The appointment of O’Regan indicates that the country is taking seriously concerns about the risks that monitoring can pose for human rights. Nevertheless, concerns remain about the ability of the Judge (or Parliament, which ultimately has oversight) to ensure that data, once collected, is not abused.

Global responses

A set of principles and ‘best practices’ have emerged internationally to guide data collection in disaster conditions. These include that:

  • measures are transparent and accountable;
  • the limitations of rights are proportional to the harms they are intended to prevent or limit;
  • data collection is minimised and time constrained;
  • data is retained for research or public use purposes and unused personal data is destroyed;
  • data is anonymised in such a way that individuals cannot be reidentified; and
  • third party sharing both within and outside of government is prevented.

However, South Africa’s data protection framework is not yet in place. Large parts of the Protection of Personal Information Act, 2013 have not yet come into force. The Office of the Information Regulator has been established. And three years ago Advocate Pansy Tlakula was appointed Chairperson. But key sections of the Act are not in play. Thus, her powers to act are constrained.

There is synchronicity, however, between the principles and requirements of the COVID-19 regulations, and the lawful data processing principles the Act describes.

The Regulator has issued guidelines for the collection of data to manage and curb the spread of COVID-19. These guidelines are contained in the Disaster Management Act (Regulations). And she has called for proactive compliance by responsible parties when processing personal information of data subjects who have been tested for, or are infected with, COVID-19.

The guidelines confirm the powers of the state to conduct mass surveillance of both COVID-19 carriers, and potential carriers through the sharing of data by mobile operators. They also include reference to some of the privacy touchstones in data collection, particularly when consent is not obtained.

The scope

Amendments to the disaster management regulations empower the Director-General of Health, to direct without prior notice, an electronic communications service provider to provide him with information for the COVID-19 tracing database to facilitate COVID-19 monitoring.

But these powers are circumscribed.

The regulations allow for the collection of location data of any person (and their personal identifiers) reasonably suspected to have contracted COVID-19, or that may have come into contact with someone who has. The commencement date is 5th March 2020.

The contents of the communication may not be intercepted by the Director-General – or anyone else.

The regulations state that the Department of Health will keep the information ‘confidential’. But big questions remain about the practical realities of ensuring that data remains secure, especially considering the Department’s own tenuous history in relation to data protection.

The regulations empower the Director General to instruct a mobile operator to provide the information mentioned. But the actual modalities of the data collection by the Health Department is less clear – particularly how the data is collected and transmitted to the database securely.

For instance, once a request for the data from an operator is made and provided to the Director-General, who will receive the information to inform the contacts? Who will ensure they are tested?

Importantly the regulations limit the collection of data only to the purpose of addressing, preventing, or combatting the spread of COVID-19. The data collected may only be disclosed by authorised persons for this purpose.

The Director-General is required to file weekly reports stating the number, names and details of all persons whose location or movements were obtained to the designated Judge. This will contribute to the oversight of collection. It will also go some way to constraining data collection to what’s strictly necessary.

The duration of data collection is circumscribed and terminates with the end of the national state of disaster. And within six weeks of it lapsing, the Director-General is required to file a report with the COVID-19 Judge detailing steps taken to de-identify the data. This includes providing notifications to every person whose information was obtained.

The regulations require that all information on the COVID-19 Tracing Database, which has not been de-identified, be destroyed once the state of disaster has ended. But de-identification is not defined. This is a major concern, given the very real possibility of re-identification with the use of other publicly available, or hacked, databases.

Possible improvements

These measures go some way to safeguarding South Africans’ individual rights while acting in the public interest to contain the virus.

But the regulations could be improved by:

  • requiring that data subject be informed as soon as they are tracked, but no later than six weeks after the termination of the state of disaster;
  • explicitly empowering the Judge to appoint technical experts to assist her in reviewing the use of data. This could include helping to ensure its security;
  • explicitly giving the Judge access to the database and the data supplied by the cellular providers to verify reporting. This could also assist in monitoring security and other data processing protection measures;
  • requiring immediate notification of all compromises of privacy or security of the data to the persons whose data is compromised; and
  • clearly prescribing data processing standards that respect the principles set out in the Act.The Conversation

Alison Gillwald, Adjunct Professor, Nelson Mandela School of Public Governance, University of Cape Town; Andrew Rens, Senior Research Fellow, Research ICT Africa, American University; Anri van der Spuy, PhD Researcher, London School of Economics and Political Science, and Gabriella Razzano, Lawyer and Researcher, London School of Economics and Political Science

This article is republished from The Conversation under a Creative Commons license. Read the original article.

contact tracing human rights privacy rights public health South Africa
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Contributor

Related Posts

SA’s Skhokho 2.0 Puts Enterprise AI In SME Hands

2025-08-28

Please Call Me: After 25 Years, Will SCA’s New Bench Silence ConCourt?

2025-08-26

Amid Uncertainty, Navigating The AI transition, A Roadmap For Africa

2025-08-26

Vodacom Invests R400M To Expand Network In Free State And Northern Cape

2025-08-26

Where Are The Black Investors And VCs?

2025-08-25

Why South Africa Is The Hidden Powerhouse For Global Executive Search

2025-08-25

Spaza Eats Becomes Spaza Market For Digital Economy

2025-08-22

Your WiFi Router Is About To Start Watching You

2025-08-21

It’s Time To Fight AI With AI In The Battle For Cyber-Resilience

2025-08-20
Leave A Reply Cancel Reply

DON'T MISS
Breaking News

BankservAfrica Rebrands As PayInc

The financial market infrastructure giant BankservAfrica has officially been rebranded to PayInc. The launch, held…

KZN’s First Supercar-Centric Luxury Residential Development Unveiled

2025-08-27

Government Pensions Administration Agency CEO Placed On Precautionary Suspension

2025-08-26

Airtel Africa & Vodacom Forge Landmark Infrastructure Partnership

2025-08-12
Stay In Touch
  • Facebook
  • Twitter
  • YouTube
  • LinkedIn
OUR PICKS

SA’s Skhokho 2.0 Puts Enterprise AI In SME Hands

2025-08-28

Please Call Me: After 25 Years, Will SCA’s New Bench Silence ConCourt?

2025-08-26

Vodacom Invests R400M To Expand Network In Free State And Northern Cape

2025-08-26

Elon Musk’s Starlink Backs BEE Equity Equivalents, Not 30% Ownership

2025-08-18

Subscribe to Updates

Get the latest tech news from TechFinancials about telecoms, fintech and connected life.

About Us

TechFinancials delivers in-depth analysis of tech, digital revolution, fintech, e-commerce, digital banking and breaking tech news.

Facebook X (Twitter) Instagram YouTube LinkedIn WhatsApp Reddit RSS
Our Picks

Pepe Coin Price Forecasts; Floki Inu Latest News & Top Crypto Investment To Make In 2025

2025-08-31

BNB Hits $900 In August As Analysts Give Their Latest Binance Coin Price Predictions

2025-08-31

SUI Price Prediction: Remittix Expected To Rise Over 4,000% This Year After Winning Top Crypto Presale Award

2025-08-31
Recent Posts
  • Pepe Coin Price Forecasts; Floki Inu Latest News & Top Crypto Investment To Make In 2025
  • BNB Hits $900 In August As Analysts Give Their Latest Binance Coin Price Predictions
  • SUI Price Prediction: Remittix Expected To Rise Over 4,000% This Year After Winning Top Crypto Presale Award
  • Ethereum Price Heading Towards $4,000 As Crypto Markets Drop But This Altcoin Continues To Surge
  • XLM Price Prediction In September & Which Altcoins Could Rise Over 25x Next Month
TechFinancials
RSS Facebook X (Twitter) LinkedIn YouTube WhatsApp
  • Homepage
  • Newsletter
  • Contact
  • Advertise
  • Privacy Policy
  • About
© 2025 TechFinancials. Designed by TFS Media.

Type above and press Enter to search. Press Esc to cancel.

Ad Blocker Enabled!
Ad Blocker Enabled!
Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.