Warning for estates and complexes that scan visitor car and drivers licences in South Africa.
Estates, complexes and gated communities in South Africa are being warned to be careful about how they collect and handle visitors’ personal information. South Africa’s Information Regulator is finalising a code of conduct that will govern how controlled-access properties process visitor data under the Protection of Personal Information Act (POPIA).
Local access control and visitor management software company ATG Digital warned that, once in place, the code will subject data collection at residential estate boom gates to much tighter scrutiny. This means many of the practices South Africans have become used to when entering estates may no longer be acceptable.
Some of these practices include handing over a driver’s licence, signing an open visitor book or having personal details copied down.
According to ATG Digital, the upcoming rules will force estates and complexes to rethink long-standing security and privacy practices. “South Africa’s estates and office parks are bracing for a major shakeup at their security boom gates,” it said.
It added that the Information Regulator is finalising a POPIA Code of Conduct for Gated Access that will directly impact how controlled-access properties collect and store visitor data.
The biggest issue is that many estates may be collecting too much information, keeping it for too long, or storing it in ways that expose it to other people. Examples of problematic behaviour include leaving visitor books open for everyone in the queue to read, copying ID books, and driver’s licences without a valid reason. Other issues include collecting personal details that have little or nothing to do with access control—such as employment history or family information.
If a visitor records one of these incidents and reports it, the estate, complex or body responsible could face an investigation by the regulator. In more serious cases, POPIA breaches can lead to fines and even criminal prosecution. ATG Digital said the old approach to access control is no longer good enough.
“If your security team controls who enters and leaves, and you process personal information to do that, this Code is aimed squarely at you.” Estates themselves will be held responsible.
For further information visit the link: https://businesstech.co.za/news/property/855647
Article by Malcolm Libera