The Consumer Protection Act & the Protection of Personal Information Bill

By kimvisser, 24 May, 2011

Download the POPI pdf (250K)  and Consumer Protection Act (544KB)

Don't be caught and April Fool, 27 January 2011


The 1st April brings along not only mischievous taunts, teasers and tricks but two very instrumental legislations to consider in South African business relationships – The Consumer Protection Act and the Companies Act.

Respect for the Customer: A new relationship unfolds between the consumer and practically every business and their respective channels in South Africa, one that appears to empower the consumer.  It bears a direct influence, alongside the Electronic Communications and Transactions Act (ECT), on how businesses conduct marketing, promotions, competitions, direct sales and advertising via emails, phone calls, sms and mms messages.  Your products and services need to be kept honest and accessible within a sustainable market place without encroaching on your consumers’ right to privacy and choice.

The Act endeavours to promote fair trade and protect consumers  from improper business practice. The consumer commission has a duty to establish a registry for the pre-emptive blockingof marketing offers, and will monitor competitions to ensure that consumer rights are protected in line with the CPA.  Any Anti-competitive behaviour could find itself at the Competition Commission – and all this could happen without you ever finding out ‘who done it’ as the complainant may retain their anonymity.

Non-Compliance: There is still a grace period  to the end of March 2011.  Businesses have this time to become familiar with the Consumer Protection Act (download  here) and ensure all your strategies are adjusted and client marketing records are reputable.  Avoid landing up in any of the many available legal forums for consumer complaints including a National Tribunal Council, the National Consumer Commission the ombud’s office, consumer or even criminal court. It is well worth the effort as penalties can be as severe as 10% of the company’s annual turnover, or  R1 million.  There is no doubt as claims are likely to increase so is the cost of business. 

Protection of Personal Information Bill (POPI)

  • Passed by Cabinet in August 2010; may become law in March 2011– must still pass through Parliament and the National Council of Provinces
  • Aims to protect processing of personal information (i.e. collection, receipt, recording, organisation, storage, updating, modification, retrieval, alteration, use, dissemination and merging)
  • Marketing communications to an existing customer may only be sent if a business provided the customer with an opportunity to opt-out of such further communications at the time when his or her contact information was first obtained. Unless a business can comply with the above, it will only be able to send out direct marketing communications if it obtains the explicit consent (opt in) of an individual.
  • Each marketing communication sent to customers must include opt-out instructions.
  • Such direct marketing communications may only be used for a purpose disclosed at the time the contact information was obtained, e.g. to promote similar products and services sold by the same business  eg, if someone has booked a hotel room through you in the past, you can market travel and tourism to them, but not financial services.

POPI – Non-marketing communication

  • Non-marketing electronic communications that do not require explicit consent from individuals or opt-out instructions include:
    • communications required by law eg tax documents,
    • communications that are necessary to protect a legitimate interest of the individual or the business eg a health warning for traveling to an area.
  • Recipients of communications will be able to demand proof of:
    • where their information was obtained
    • consent for the particular use thereof by a business.
  • This applies to the future collection of information AND all existing personal information that already resides within the organisation.
  • Companies also need to be able to show how customer information is being protected against theft or leakage.

The Bottom Line

  • Make sure all your current non-customer lists are opt-ins. An opt-in is an overt request from an individual to receive a specific type of communication from you at a specific frequency. If they are not opt-ins, email them and urge them to opt-in.
  • Make sure all your current customers had, at the time they became a customer, the opportunity to opt out of your mailing list – and be able to prove it if challenged or asked to do so.
  • Make sure you have a simple (ideally one click) opt out system on all your bulk emails in the future.
  • The nature of the opt in process is not specific, but make sure that whatever process you use, that you keep a clear record of each pot-in.
  • Be willing to substantially reduce the size of your lists. You are always better off with a small list of people who want to hear from you that a big list of people who don’t care.

Britefire's Email Marketing course

covers the CPA considerations.



Copyright: Portal Publishing (Pty)Ltd | Privacy Policy | Terms of Use
Skills Portal | Careers Portal | Jobs Portal | Bursaries Portal | Skills Universe
About us | Contact us
Portal PublishingPress Council