The most astounding thing about the Experian security breach of 24-million South Africans’ personal data is not that the credit agency willingly gave the information to a "fraudster", but that Experian will escape unpunished because of years-long delays in finalising legislation.The Protection of Personal Information (Popi) Act only came into effect in July this year and gives companies until next July to comply with regulations.That means the 24-million consumers and 800,000 businesses whose data was handed to a "fraudster" by Experian have no recourse. Similarly, the so-called Master Deeds data breach — where an estimated 60-million South Africans’ details were exposed in 2018 — also won’t be penalised.The Popi Act now finally has some real teeth to protect people’s data. If it had been immediately applicable, Experian could have been fined as much as R10m, while its directors could have been jailed for as long as 10 years.Experian says the breach happened because of a "fraudulent...

Subscribe now to unlock this article.

Support BusinessLIVE’s award-winning journalism for R129 per month (digital access only).

There’s never been a more important time to support independent journalism in SA. Our subscription packages now offer an ad-free experience for readers.

Cancel anytime.

Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.