Get ready to change your passwords again. There’s been yet another massive data breach, this time in the form of Facebook having stored millions of user passwords in plain text format.
Is it any wonder that some of the questions I get asked most nowadays are around data privacy regulations? If the world’s biggest companies are struggling, what hope do the rest of us have of getting it right?
Data privacy is complicated. And it’s something we need to talk about more, in ways we all understand. That’s why I’d like to share some of the questions I get most from CEOs and business owners on how new data regulations like PoPIA and GDPR will affect them.
I’m no lawyer, nor do I play one on TV, so I’d like to answer these questions from the perspective of an executive whose organisation is currently going through its own data privacy journey.
There’s been a lot of brouhaha about data privacy recently. Why is it so important?
At its heart, privacy is a limit on government power, as well as the power of private sector companies. The more someone knows about us, the more power they can have over us. We know that personal data is used to make very important decisions in our lives – from what financial products we get approved for to the kind of medical treatment we get. In the wrong hands, personal data can be used to cause us great harm. Just ask anyone who’s been on the receiving end of identity fraud.
What’s with all these acronyms I keep reading about? PoPIA and GDPR?
The two are regulations meant to increase data privacy and protection for ordinary people. GDPR, which stands for General Data Protection Regulation, is an EU law and addresses the export of personal data outside EU and EEA areas. And considering the EU is one of SA’s biggest trading partners, this has the potential to affect many local businesses.
PoPIA – the Protection of Personal Information Act, is an all-encompassing South African law that seeks to create conditions for the handling of personal data in a responsible and transparent manner.
Should I step back and leave this one for the lawyers to handle?
As they’re two of the most important developments in data privacy regulation in the last few decades, I wouldn’t recommend it. Both can impose massive fines for non-compliance – up to €20-million or 4% of a company’s global turnover in the case of GDPR. Under PoPIA, the Information Regulator can impose a fine or imprisonment of up to R10 million or ten years in jail, as well as compensation to customers who have had their data compromised.
So is it important because it’s about avoiding fines?
As scary as the fines are, it’s not the penalties that should be driving adoption of these regulations. First, it just makes good business sense. Poor data management can lead to costly breaches and reputational damage to your business. Customers are also increasingly aware of how businesses use their personal data, valuing transparency and getting some of value in return.
Then there’s the simple fact that the world is changing and we need to adapt. Data is the fuel that powers the digital revolution. Not only is there a lot more of it out there, it’s also a powerful tool to solve problems and grow business. With great power comes great responsibility – we need to understand what data is, how it works, and how to use it in a way that isn’t exploitative.
It is the right thing to do as a responsible business. Privacy will become integral to the way we work in the future and will differentiate you from your competitors. That’s why privacy needs to become part of your business DNA.
What if I’m a small business that doesn’t work with data? I’m safe, right?
Just because you’re not Facebook doesn’t mean you don’t work with data. Customer accounts, emails, phone numbers, financial and credit records, CVs – all of these contain personal data and fall under the domain of PoPIA and need to be handled responsibly. Remember, we’re living in a world where sharing too much information in tweets can lead to major consequences.
While GDPR and PoPIA might be the catalysts starting discussions about data privacy, adapting to this evolving digital world is about changing the way we work.
Practically, what do I need to do?
To start, businesses will have to perform some critical self-assessments to identify what personal information they hold and process and whether their processes comply with the principles set out on PoPIA and the GDPR. It’s important not to see compliance as ticking a few boxes however as these are principle-based legislations. There is no one-size-fits-all approach – you will need to apply the principles according to the context of your business and data needs. You’ll need to start treating data – how you collect it, what you use it for, how you dispose of it and so on – as an ongoing strategic imperative.
Between PoPIA and GDPR, which one reigns supreme?
There is no hard and fast answer to this – it depends on where you do business and how likely you are to be handling the personal information of EU citizens. If you’re domiciled in the EU or do business outside of SA’s borders, you’d obviously have to comply with GDPR first and foremost. However, even businesses that don’t do business internationally can’t afford to ignore GDPR completely. Given how we leverage technology (and transfer data), you may just hold the personal information that has been exported from the EU or EEA.
If both apply, which one should I tackle first?
If you compare PoPIA with the GDPR you’ll notice that, except for semantics, the principles are aligned. So if you meet the principles of PoPIA, you’ll already be largely compliant with those imposed by the GDPR. At TransUnion, our approach has been to implement best practice data privacy principles, rather than focus on compliance of the one or the other. This is the best approach if you’re a business that operates globally.
When do I need to get my data ducks in a row?
GDPR became effective on 25 May 2018, while PoPIA’s effective date is still unknown after the regulations were published 14 December 2018. Once that date is proclaimed, industry will have to comply within 12 months of that date. However, with GDPR already in play, a number of complaints have already been escalated to the respective information regulators.
Creating a culture of privacy within your organisation takes time and is best started today. Understanding and adjusting to these new approaches to privacy is not a once off event but a new way of working. Beginning your journey early not only gets you ready to comply with PoPIA, it puts you in the best position to keep evolving your privacy strategies alongside new developments.
How do you rate against your peers when it comes to data privacy? TransUnion will be partnering with ITWeb for a South African study on data privacy as we head towards the official date when PoPIA comes into effect. I’ll be sharing more details in the weeks to come, as well as further discussions on the evolving face of data privacy.
Cape Town not so calm – if you’re a driver
Cape Town drivers lose on average 162 hours a year to traffic jams, so will need some tech and a few tips to stay calm
Cape Town drivers lose, on average, 162 hours a year stuck in traffic jams, and the city is ranked 95th out of around 200 cities, across 38 countries surveyed globally, in terms of congestion issues.
That’s according to the latest INRIX 2018 Global Traffic Scorecard, which is an annual analysis of mobility and congestion trends. The study provides a data-rich evaluation of information collected during peak (slowest) travel times, and inter peak (fastest point between morning and afternoon commutes) travel times. Together they provide a holistic account of congestion throughout the day, delivering in-depth insights for vehicle drivers and policy-makers to make better decisions regarding urban travel and traffic health.
Of the further five South African cities surveyed:
- Pretoria drivers lose, on average, 143 hours a year stuck in traffic jams, ranking as the 64thmost congested city
- Johannesburg drivers lose an average of 119 hours annually, ranking 61st
- Durban drivers lose 72 hours, ranking 141st
- Port Elizabeth drivers lose 71 hours, ranking 75th
- And Bloemfontein drivers lose 62 hours, ranking 165th
If these hours sound horrific, spare a thought for the poor drivers in Colombia’s capital city of Bogotá who lose, on average, a whopping 272 hours a year stuck in traffic jams!
On average, drivers’ commutes increase by roughly 30% during peak versus inter-peak hours. And the reality is that congestion issues aren’t going away anytime soon. Not here in SA, or anywhere else in the world. So what can we, as drivers, do to make the situation easier to cope with on our daily commute?
Change of mindset
Stressing about the unavoidable, the inevitable, and all the things that are out of our control – like congestion caused by accidents, faulty street lights, or bad weather – is a waste of energy. We should try finding ways of using that time in our cars more productively, to create a less tense, more positive experience. Learning to change our perspective about this challenging time, and associating it with something enjoyable, can drastically alter our reaction to and engagement with it. Rather than expending all our energy on futile anger and frustration, we can channel our focus on things that relax or energise us instead.
Just one more chapter
Being stuck in traffic usually aggravates us because it feels like a huge waste of valuable time. But like a wise man once said, time you enjoy wasting is not wasted time. Listening to a podcast or audiobook can not only be entertaining, but also educational, which is a brilliant use of your time. Ifyou think of your car as a ‘learning lab’, a mobile university of sorts, and your time spent inside as away to exercise your brain and grow intellectually, you may even find yourself wishing for bad traffic so you have an excuse to carry on listening to your podcast or audiobook.
Tame your inner Hulk
Pulling up a playlist of your favourite, feel-good songs can do wonders to combat stress levels. Downbeat music has been proven to have a mellowing effect on drivers. Making a quick switch to downbeat music shows measurable physiological improvements, with drivers calming down much sooner, and making fewer driving mistakes. So the next time you feel your inner Hulk emerging, crank up the volume on your favourite tunes.
The power of ‘caromatherapy’
There are numerous studies on aromas and their impact on human emotion, behaviour, and performance. Researchers have found that peppermint can enhance mental and athletic performance and cognitive functioning, while cinnamon may improve tasks related to attentional processes and visual-motor response speed. A study from Kyoto University in Japan revealed that participants reported significantly lower hostility and depression scores, and felt more relaxed after awalk through a pine forest. It makes sense then, to incorporate some ‘caromatherapy’ into our lives. There are plenty of off-the-shelf car diffusers available, or you could add a few drops of essential oil to DIY felt air fresheners. Citrus scents like orange or lemon can provide a boost of energy, while rosemary can relieve stress and anxiety. Take care not to hang anything that might obstruct your field of vision though, and always make sure to test out essential oils at home first, in case a scent makes you dizzy or overly relaxed, which could affect driving focus.
Contemplate your navel
The mind is a powerful thing, and simply willing yourself to relax might be the most effective method of all. While we don’t recommend meditating while driving due to safety reasons, breathing exercises can help you stay focused and feeling calm. One useful practice is the one-to-one technique – breathing in and out for the same count with the same intensity. Deep, measured breaths facilitate full oxygen exchange, helping to slow down the rate of your heartbeat and stabilise blood pressure, as opposed to shallow breathing, which doesn’t send enough air to the lowest part of your lungs, causing you to feel anxious and short of breath. Just always keep your eyes on the road, and take care to ensure you’re not so busy counting breaths that your concentration is compromised.
Not all those who wander are lost
Some of our best ideas come in those moments where we’re alone with our own thoughts, able to really reflect on the ideas we have without having something immediate that needs our attention. Allow your mind to wander, and do a little brainstorming. Alternatively, use the time to simply day dream. Remember, downtime is not dead time. It is both necessary, and important for your mental health. Use this time as an opportunity to take care of yourself.
In-built vehicle tech
“As we spend more and more time commuting, cars are being designed to accommodate longer periods behind the wheel,” says Kuda Takura, smart mobility specialist at Ford Motor Company of Southern Africa. “Ford uses human-centric design to deliver vehicles that are inviting, accommodating, and intuitive. For example, our SYNCT infotainment system offers nifty, hands-free functions, like allowing drivers to listen to their texts, change music or climate settings, and make phone calls easily with voice control. Our range of driver-assist technologies, like Adaptive Cruise Control, Pre-Collision Assist with Pedestrian Detection and Semi-Auto Active Park Assist, are also designed to take some of the stress off city driving. If our lifestyle means that we might be spending more time in our cars than we do on holiday, then we should make sure we make the most of that time.”
Vodacom exits Africa biz services
Vodacom Group has sold Vodacom Business Africa’s operations in Nigeria, Zambia and Cote d’Ivoire to Andile Ngcaba’s Synergy Communications. The two entities are in the process of concluding the acquisitions, which are subject to the approval of the regulatory authorities within these markets.
Vodacom says the transaction supports the Group’s enterprise strategy in Africa, which has been refocused to grow and strengthen its core business. It will no longer directly service global enterprise customers in these three markets but will rather continue to operate as a pan African telecommunications networks provider through local relationships, like the one with Synergy Communications.
This acquisition represents a significant milestone in Synergy Communication’s quest to be a leading provider of cloud and digitally based services in key markets across sub-Saharan Africa and provides key additional assets in its build out of a regional footprint. Synergy Communications currently has operations in Botswana, Malawi and Mozambique.
Andile Ngcaba, Chairman of Synergy Communications said: “This is an exciting landmark transaction for Synergy Communications, providing us with additional momentum in the delivery of our strategy as a pan-African enterprise digital Services Provider. Synergy Communications will partner with major global cloud providers and deliver platform-based services to both multi-nationals and local enterprises.”
Shameel Joosub, CEO of Vodacom Group, said: “Vodacom has a clear vision for strengthening our position as a leading pan-African business and will work with local service providers like Synergy Communications to grow in these markets. Crucially, Vodacom is not exiting any of the territories related to this transaction and remains focused on continuing to deliver exceptional service to our global and multinational clients in these markets through long-term commercial agreements.
“To support the sustainable growth of pan African digital economies and building connected societies, Vodacom will, via local service providers, continue to service clients in each market. We seek to leverage the collective strengths of Vodacom and Synergy Communications to meet the changing requirements of clients across each of these markets.”