Get ready to change your passwords again. There’s been yet another massive data breach, this time in the form of Facebook having stored millions of user passwords in plain text format.
Is it any wonder that some of the questions I get asked most nowadays are around data privacy regulations? If the world’s biggest companies are struggling, what hope do the rest of us have of getting it right?
Data privacy is complicated. And it’s something we need to talk about more, in ways we all understand. That’s why I’d like to share some of the questions I get most from CEOs and business owners on how new data regulations like PoPIA and GDPR will affect them.
I’m no lawyer, nor do I play one on TV, so I’d like to answer these questions from the perspective of an executive whose organisation is currently going through its own data privacy journey.
There’s been a lot of brouhaha about data privacy recently. Why is it so important?
At its heart, privacy is a limit on government power, as well as the power of private sector companies. The more someone knows about us, the more power they can have over us. We know that personal data is used to make very important decisions in our lives – from what financial products we get approved for to the kind of medical treatment we get. In the wrong hands, personal data can be used to cause us great harm. Just ask anyone who’s been on the receiving end of identity fraud.
What’s with all these acronyms I keep reading about? PoPIA and GDPR?
The two are regulations meant to increase data privacy and protection for ordinary people. GDPR, which stands for General Data Protection Regulation, is an EU law and addresses the export of personal data outside EU and EEA areas. And considering the EU is one of SA’s biggest trading partners, this has the potential to affect many local businesses.
PoPIA – the Protection of Personal Information Act, is an all-encompassing South African law that seeks to create conditions for the handling of personal data in a responsible and transparent manner.
Should I step back and leave this one for the lawyers to handle?
As they’re two of the most important developments in data privacy regulation in the last few decades, I wouldn’t recommend it. Both can impose massive fines for non-compliance – up to €20-million or 4% of a company’s global turnover in the case of GDPR. Under PoPIA, the Information Regulator can impose a fine or imprisonment of up to R10 million or ten years in jail, as well as compensation to customers who have had their data compromised.
So is it important because it’s about avoiding fines?
As scary as the fines are, it’s not the penalties that should be driving adoption of these regulations. First, it just makes good business sense. Poor data management can lead to costly breaches and reputational damage to your business. Customers are also increasingly aware of how businesses use their personal data, valuing transparency and getting some of value in return.
Then there’s the simple fact that the world is changing and we need to adapt. Data is the fuel that powers the digital revolution. Not only is there a lot more of it out there, it’s also a powerful tool to solve problems and grow business. With great power comes great responsibility – we need to understand what data is, how it works, and how to use it in a way that isn’t exploitative.
It is the right thing to do as a responsible business. Privacy will become integral to the way we work in the future and will differentiate you from your competitors. That’s why privacy needs to become part of your business DNA.
What if I’m a small business that doesn’t work with data? I’m safe, right?
Just because you’re not Facebook doesn’t mean you don’t work with data. Customer accounts, emails, phone numbers, financial and credit records, CVs – all of these contain personal data and fall under the domain of PoPIA and need to be handled responsibly. Remember, we’re living in a world where sharing too much information in tweets can lead to major consequences.
While GDPR and PoPIA might be the catalysts starting discussions about data privacy, adapting to this evolving digital world is about changing the way we work.
Practically, what do I need to do?
To start, businesses will have to perform some critical self-assessments to identify what personal information they hold and process and whether their processes comply with the principles set out on PoPIA and the GDPR. It’s important not to see compliance as ticking a few boxes however as these are principle-based legislations. There is no one-size-fits-all approach – you will need to apply the principles according to the context of your business and data needs. You’ll need to start treating data – how you collect it, what you use it for, how you dispose of it and so on – as an ongoing strategic imperative.
Between PoPIA and GDPR, which one reigns supreme?
There is no hard and fast answer to this – it depends on where you do business and how likely you are to be handling the personal information of EU citizens. If you’re domiciled in the EU or do business outside of SA’s borders, you’d obviously have to comply with GDPR first and foremost. However, even businesses that don’t do business internationally can’t afford to ignore GDPR completely. Given how we leverage technology (and transfer data), you may just hold the personal information that has been exported from the EU or EEA.
If both apply, which one should I tackle first?
If you compare PoPIA with the GDPR you’ll notice that, except for semantics, the principles are aligned. So if you meet the principles of PoPIA, you’ll already be largely compliant with those imposed by the GDPR. At TransUnion, our approach has been to implement best practice data privacy principles, rather than focus on compliance of the one or the other. This is the best approach if you’re a business that operates globally.
When do I need to get my data ducks in a row?
GDPR became effective on 25 May 2018, while PoPIA’s effective date is still unknown after the regulations were published 14 December 2018. Once that date is proclaimed, industry will have to comply within 12 months of that date. However, with GDPR already in play, a number of complaints have already been escalated to the respective information regulators.
Creating a culture of privacy within your organisation takes time and is best started today. Understanding and adjusting to these new approaches to privacy is not a once off event but a new way of working. Beginning your journey early not only gets you ready to comply with PoPIA, it puts you in the best position to keep evolving your privacy strategies alongside new developments.
How do you rate against your peers when it comes to data privacy? TransUnion will be partnering with ITWeb for a South African study on data privacy as we head towards the official date when PoPIA comes into effect. I’ll be sharing more details in the weeks to come, as well as further discussions on the evolving face of data privacy.
Gaming gets rad at Rand Show
With the opening of the 125th Rand Show at Nasrec, south of Johannesburg, today, gamers and cosplayers have a new destination to strut their stuff.
A new addition to the show, the Gaming Entertainment Pavilion, is offering anything from gaming and cosplay to dance-offs and science displays.
The organisers provided the following information (although several million exclamation marks and exaggerations have been removed!):
There was a time when Gaming was a considered a solitary pastime, confined to single player consoles; but that truly is a thing of the past with a fully immersive Fortnite Tournament open to all Fortnite afficionados and even those just starting out. Players can battle it out over both show weekends, including a final on each weekend. Family fan clubs can also get in on the action with live broadcasts of the game as it happens across screens – a full-on Fortnite family affair. Sponsored by PlayStation, gamers are truly going to be spoiled and should get in on the action as fast as they can because R 100 000 in cash prizes is up for grabs.
Smart Technology Centre will deliver a super-fast FibreMAX 500Mbps fibre link, wholly dedicated to the gaming pavilion to ensure that absolutely nothing ruins the thrill of the National Fortnite Tournament.
“As the exclusive connectivity provider, we have gone all out to ensure an amazing experience for gamers,” says Dillynn Els of Smart Technology Centre (STC), an internet service provider (ISP) and IT technology partner. “When it comes to gaming and the best experience possible, it’s all about ensuring we provide a dedicated, uncapped, unshaped connection that makes every second count.”
Keen players can come along and enter on the day, but don’t delay because space is limited.
Fortnite Inspired Dance Off
Visitors can come along and be entertained by the finalists in the Fortnite inspired dance-off. There will be daily dances to enjoy for the entire duration of the show.
Come and play – Cosplay, to be exact.
The stage is set for a celebration of creativity and imagination that is going to be literally out of this world. Super hero heavy weights and masters of the mysterious will be letting their creative vision loose and take part in various Cosplay Tournaments and a visually stunning Cosplay Masquerade. Come see what all the fuss is about and get lost in this world costumes, colour and creative talent.
Games, Games and Science
For those wanting to get their gaming on, there will be three free play areas sponsored by Xbox with a host of games available to play. Xbox will be giving away 3 Xbox 1’s and an awesome Xbox 1X, but you truly have to be in it to win it, so make sure you don’t miss out.
The Kalahari Scientist will be onstage delighting visitors with his explosive displays that are guaranteed to up the ooh and aah factor with audiences young and old.
But wait, there’s more
Along with the larger-than-life gaming entertainment offering, visitors will also get to be the first gamers on SA soil to get a sneak peak of PlayStation’s brand new Mortal Kombat 11. Don’t miss your chance to experience the continuation of this epic saga through a new cinematic story that is more than 25 years in the making. The iconic showcasing brutal battles like never before, along with a host of customisable fighters with enhanced graphics and animations.
Other activities at the Pavilion include VR Experiences, a full-on NAG Nerf Arena, Gaming vendors with awesome gaming content, retailers selling gaming related products and software, and tutorials and workshops on how to improve your gaming skills, Celebrity Fortnite match off for charity.
With huge sponsors such as PlayStation, Xbox, MMS, NAG, SABC 2 and Smart Technology, the Gaming Entertainment Pavilion is geared up to become a hot zone of entertainment.
In case the entertainment offering just doesn’t get the heart beats racing fast enough, an all-expenses paid trip to TwitchCon USA, sponsored by PlayStation, in conjunction with 94.7 Highveld Stereo, is waiting for one lucky visitor to grab it. Every ticket purchased into the Entertainment Gaming Pavilion qualifies as an entry, so bring the whole family along for the ride.
Tickets to the Gaming Entertainment Pavilion can be purchased at the show for R 20 which gives the ticket holder access for two hours.
The pavilion will be open from 14h00 to 19h00 weekdays and 10h00 to 19h00 on weekends from 19 to 28 April 2019.
Riaad Moosa show debuts on Vodacom Video Play
Riaad Moosa’s comedy special, Life Begins, will be the first major local title to be released on Vodacom’s video-on-demand service, Video Play.
As an award-winning comedian, actor, writer and presenter, Riaad Moosa is one of South Africa’s most renowned funny men. His one-man show is available for download on the platform from today, 26 April 2019. Life Begins is rated PG-16L
Vodacom’s says its affordable video-on-demand service, Video Play, has had an incredible uptake since its launch in August 2018, with over 2-million subscribers.
“But with a proliferation of affordable video-on-demand platforms available to the South African market, what is it that gives Video Play the competitive edge?” it asked in a release this week. “Recognising the consumer’s need for flexibility and freedom of choice, Vodacom has ingeniously developed an adaptable subscription model that puts the power in consumers’ hands. Forget being tied down to a monthly subscription. Video Play gives consumers the liberty of choosing a daily, weekend or even monthly package.
“Blockbuster movies can even be viewed for a once off cost, without subscription. Furthermore, these bundles can be purchased according to niche categories and genres, from Bollywood movies to gospel music.”
Consumers are able to pay for movies and series by using their airtime or adding it to their bill, eliminating the need for a credit card. Subscribers are also able to purchase video-specific data at a fraction of the regular price to consume constant content without overspending. Daily subscriptions start from R5 a day.
Zunaid Mahomed, Group Digital and Fixed Services Officer, says: “Video Play has enabled the company to provide a seamless and enjoyable customer experience. With the addition of Riaad Moosa’s Life Begins, we’re excited to offer consumers even more quality content and a wider variety of entertainment on demand than ever before. We’re putting quality entertainment, into the hands of anyone with a mobile device and an internet connection.”
Riaad Moosa describes his show as “very philosophical and existential”.
“It involves the normal issues of getting older while at the same time experiencing, at a maturity where I’m supposed to be wise, a world that is completely turned on its head. It’s about how I negotiate all these things happening around me while trying to maintain a positive attitude. Through my comedic lens, I hope to put a different spin on that and hopefully I can enter my next 40 years with renewed vigour and excitement.”
To access Riaad Moosa’s Life Begins comedy special, register for Video via the Video Play website (www.videoplay.co.za).