Act leaves loopholes for fraudsters

As the rate of identity theft accelerates, some have asked how information becomes available to companies and people pushing goods and services that an individual has no knowledge of requesting.

According to a Price Waterhouse Coopers report on the Protection of Information Act, the act stipulates that ‘marketing by means of unsolicited email is prohibited unless certain provisions apply – organisations need to implement opt-in and opt-out strategies’.

While companies may do their best to protect their employees so that ‘personal information may only be used for the purpose agreed with your customers and employees’, when the individual is not protected by compliance in the corporate world two things may happen:

“One,” said Manie van Schalkwyk, executive director of the Southern African Fraud Prevention Service (SAFPS), “there is a ready market for fraudsters to target their victims, and two, individuals sign up for a number of offers, subscriptions, services or entertainment without thought to the consequences.”

These are the ways in which data can be exposed: social media where privacy settings are not understood or properly applied; a data leak such as the recent Sassa grant system where individuals were targeted by people selling loans; or hacking the information of a company’s directors and executive staff members.

The act stipulates that ‘processing of special personal information is prohibited unless certain provisions apply,’ yet it appears there are loopholes around this, particularly in digital communication.

Van Schalkwyk said everybody should be careful when they receive emails requesting information updates. “This updated information can be used to apply for goods and services that the user has no intention of ever paying for.”

The first time the victim becomes aware of the service is when they get the call from a debt collector. In one instance a woman who became a victim of identity theft was listed with three cell phone networks, for amounts running to about R10 000 each.

She was also liable for payment on an account with the Edcon Group that she had never opened. It took the woman many months and a great deal of anxiety to have the charges reversed.

The easiest way to prevent this from happening, said Van Schalkwyk, was to check your credit report regularly.

“Also, protect your data vigorously. Treat it like cash. Be careful about who you share it with and change your passwords regularly – at least once a month.”

Van Schalkwyk said, “Millennials are more trusting with the information they put online and social media and this is where they become vulnerable. The older generation is less comfortable online and therefore share information more selectively.”

Your identity can be lost or stolen or compromised. When your identity is compromised it may be as a result of losing our phone or laptop.

Van Schalkwyk said if one’s identity or information were stolen, individuals could apply for Protective Registration on the SAFPS database.

“The benefit of Protective Registration is that all member organisations, including banks, clothing and furniture retailers and some insurance companies, have access to the SAFPS database and any identity theft or fraud will be flagged and can be prevented. This is a free service and consumers are encouraged to use it.”

To apply for Protective Registration or if you are a victim of identity fraud, please SMS the word ‘Protectid’ to 43366 to be contacted or email safps@safps.org.za