- users phone number;
- other user’s numbers stored in the address books;
- features the user uses;
- type of phone;
- mobile network and IP address; and
- location information.
One of the biggest concerns to WhatsApp users was the possibility that their personal messages would also be shared along with their other personal data. WhatsApp has however clarified the issue and reiterated that all messages will stay fully encrypted. Full end-to-end encryption of messages ensures that only the data subject and the person they are communicating with can read or listen to what is sent, and nobody in between, not even WhatsApp. With end-to-end encryption, messages are secured with a lock, and only the recipient and the data subject have the special key needed to unlock and read them. All of this happens automatically.
What is the POPI Act
The POPI Act, which was signed into law on the 19th of November 2013, is South Africa’s comprehensive data protection law which regulates the processing of data subjects, both natural and juristic persons, personal information. It’s designed to protect data subjects from data breaches, cybercrime, theft and discrimination. The POPI Act enforces how responsible parties may collect, process, store and share the data subjects personal information by holding them accountable should they abuse or compromise the personal information they hold in any way.
The risks of non-compliance include reputational damage, fines and imprisonment, and paying out damage claims to data subjects.
How is the Information Regulator (South Africa) addressing your concerns
VDMA’s team of experts will continue to monitor and report on the developments of the WhatsApp investigations and are available to assist you and your business with any POPI requirements you may have.