Is your website POPI-compliant?

On the 1st of July, the Protection of Personal Information Act, or POPI Act as it’s commonly called, came into effect. POPI requires an organisation to take reasonable, practical steps to ensure that consumers know which of their personal information is being collected and for what purpose.

75% of SA’s top websites not POPI-compliant

There remains some confusion as to whether or not South African websites need to ask visitors for their permission to track their content, as POPI is largely based on the EU’s GDPR privacy bill, which requires people to ‘opt-in’ if tracking is applied. Fortunately, there is a 12-month grace period for organisations to comply. This would bode well for South African websites, since research by digital marketing agency, Rogerwilco, shows that only 25 percent of South Africa’s most popular websites have pop-ups that explicitly ask visitors for consent to collect data about their browsing activity. The consequences of non-compliancy could be dire, with companies facing fines of up to R10 million per breach, and/or executives being jailed for up to 10 years.

Time to get your pop-ups up!

Presently about 90% of sites do have a cookie policy in place which informs a user about the type of information that will be stored e.g.: the pages or items they viewed, their login and password, their settings etc. This same information can also be sold to advertisers so that ads relating to products the user previously searched for, appear on other sites they visit. The only problem is most cookie policies are often hidden in the website’s footer, or elsewhere, meaning the average user never ever reads them.

Hopefully as POPI compliance improves, more pop-ups will start appearing across sites, providing clarity as to the info being collected about their customers and their website usage, which in turn should bolster consumer trust, which is key in the world of cyberspace!