A report produced by Cerebra and Consilium Legal Services addresses the impact that the Protection of Personal Information Act (POPI) has on how one runs one's social media activities and specially, what one needs to know regarding how to acquire, handle and dispose of personal information that is being shared by customers across various social media platforms.
The paper addresses four components:
1. The who, what and why
2. The detail within POPI
3. The effect on social media
4. Practical steps to compliance
"Very few businesses are aware that POPI will have an impact on their social media activities," says Mike Stopforth, CEO at Cerebra. "Businesses that collect personal information on social media are now required by law to assume responsibility as the guardian of a customer's personal information and to do what is required to protect that information."Govern personal information
The primary and most obvious impact is that it will govern personal information collected via social media channels. Businesses everywhere use their social media platforms as customer service channels and typically deal with a large volume of personal information. It is important to note that even if a business is using a social media agency to manage its social media engagements, the business itself will be responsible for any POPI breaches.
Another tenet of the bill is that the information captured may only be used for a specific purpose. In the world of social media, it is very tempting to use data mined during the course of a campaign for something other than its original intention, such as the creation of 'influencer' lists to invite or include these identified individuals in future activities.
To do so, without the permission of the individual involved, is in direct contravention of the POPI bill and the perpetrator, agency and even client, may be heavily fined for their efforts. Worse still, they could potentially accrue some jail time.
For more information, download the full report at Cerebra - POPI pdf