Potraz to probe Cyber and Data Protection Act viol...

Potraz to probe Cyber and Data Protection Act violations

Zim Now Writer

The Postal and Telecommunications Regulatory Authority of Zimbabwe says it will investigate alleged violations of the Cyber and Data Protection Act following an enquiry by the Media Institute of Southern Africa on alleged third-party access to personal data in breach of the Act.

In response to the letter of enquiry by Misa Zimbabwe National Director, Tabani Moyo, on April 11, Potraz Director-General. Dr Gift Machengete, said:

“In accordance with section 6 (1) (g) of the Cyber and Data Protection Act (Chapter 12:07) (hereinafter referred to as ‘the Act’), the Authority hereby acknowledge the receipt of your complaint on alleged violations of the Act and shall be opening an investigation in terms of section 6 (1) (f) and (h) of the Act.

“We take this opportunity to assure Misa Zimbabwe in particular, and the public in general, that the Data Protection Authority is on a trajectory to promote and enforce better protection of personal information in line with the mandate encapsulated under the Act.”

Moyo wrote to Potraz after mobile phone users received messages soliciting votes ahead of the 2023 elections.

He asked how third parties accessed citizens’ personal data, including phone numbers, saying the messages were personalised and based on constituency segmentation as per the voters' roll, and possibly in breach of the Act, which governs the use of personal biometric data.

In response, to the Potraz letter dated May 9, 2023, Moyo said:

“Misa is encouraged and gratified by the authority’s assurances in this regard, as it goes a long way in keeping the people of Zimbabwe’s personal information safeguarded and protected from being accessed by third parties without consent.

“We, therefore, wish the Authority firmness and assertiveness as it proceeds with the investigations to their logical conclusion.”