Research by digitally-led marketing agency, Rogerwilco, indicates that only 25 percent of South Africa’s most popular websites have pop-ups that explicitly ask visitors for consent to collect data about their browsing activity.
With the Protection of Personal Information Act (Popia) coming into effect as of 1 July, these company websites are at risk of facing fines of up to R10 million for each breach.
At the same time, their executives could be jailed for 10 years.
According to Rogerwilco chief executive, Charlie Stewart, “Popi requires that organisations take reasonably practicable steps to ensure that consumers know which of their personal information is being collected and for what purpose.”
While there is confusion as to whether or not South African websites need to ask visitors for their content to track them, Popi is largely based on the EU’s GDPR privacy bill, which requires people to ‘opt-in’ if tracking is applied.
“The penalties for non-compliance with Popi are significant, but fortunately, a 12-month grace period will apply during which organisations can get their house in order,” said Stewart.
He said, “The most shocking outcome from this research is that two years on from Cambridge Analytica, a scandal that changed the world, brands continue to play fast and loose with consumers’ data.
The debate must move beyond paying lip service to the legal compliance requirements and into a space where companies recognise that they need to restore consumer trust. Policies are not there to make the life of the marketers harder, but the experience of the customers better.”
What are cookies?