NEWS

Privacy Of Sassa Beneficiary Information Is A Concern, Says Activist Researcher

How else does Sassa use the information in that huge biometric database?

08/03/2017 14:26 SAST | Updated 15/03/2017 12:00 SAST
Gallo Images / Sowetan / Sandile Ndlovu
A woman sells clothes at a flea market outside SASSA pay point in March 2017 in Mpumalanga.

A political activist and researcher believes citizens should be extremely concerned about how the South African Social Security Agency (Sassa) is treating the personal information of its grant beneficiaries.

In launching his research on privacy in the country on Wednesday, Dr Dale McKinley raised red flags about Sassa's database, which he said was one of the "largest biometric databases in the public sector".

Addressing a Right2Know (R2K) panel discussion in Cape Town, he challenged the idea that biometric systems increased security and combated fraud and corruption.

He cited an example of a granny receiving only R300 of her R1 000 pension because of a number of deductions for various services.

"There has been a shift in fraud from the individual area to the legitimised, corporate, profit-making level. It is a trick and sleight of hand in the name of convincing people to give us biometrics."

He said this was the "most outrageous thing" happening in the country at the moment.

"We should all be up in arms. It is legitimised stealing," he claimed.

Marketing

McKinley's report, titled New Terrains in Privacy in South Africa, details how close to 17 million beneficiaries have had their fingerprints, photographs, and sometimes voices, captured for an automated payment system in a contract with Net1/Cash Paymaster Services (CPS).

In 2014 the Constitutional Court declared the R10bn grant payments tender run by Net1 UEPS' CPS invalid over irregularities in the awarding of the deal.

The social development department and Sassa have until March 31 to ensure the social grants scheme operation is not in contravention of the Constitutional Court ruling.

McKinley stated in his report that the central database of biometrics was problematic, especially when it came to privacy.

"CPS, owned by a larger company, Net1, which in turn has partnered with Grindrod Bank and Mastercard, has used the biometric database to create a massive hardware and software network to market a range of financial services to beneficiaries."

Once in the system, he said, beneficiaries were inundated with offers for various services.

These included funeral services, airtime and small loans.

Also on offer, he said, were "other cards that can be used like a shop card/current account and which require the provision of SIM card numbers and the signing of contracts with little transparency and no recourse".

He believed that such a system treated personal information privacy with contempt or simply ignored it.

Sharing of information

McKinley wanted to know what Sassa officials were doing with the information to which they had access.

He also wondered what parts of the information database were being kept, shared and possibly sold on by all private entities that ran and managed the smart card system.

Lastly, he wanted clarification on how Sassa's biometric information was being shared across other state databases, such as home affair's population register, the SA Revenue Service's database and that of the Government Employees Pension Fund.

In court papers in response to an application by Black Sash, Net1 CEO Serge Belamant denied that CPS was involved in "unlawful marketing practices" to recipients or that it sold goods or products to beneficiaries.

However, his court papers indicated that Net1 subsidiary companies "market and provide financial products to beneficiaries".

"They do not, however, engage in unlawful marketing practices or conduct 'ambush marketing' as the Black Sash suggests. The services are provided within a strictly regulated environment, under the scrutiny of the National Credit Regulator, the Financial Services Board and the SARB, and operate entirely independently from CPS," said Belamant.

He added that grant recipients are also required to agree with terms and conditions regarding the Sassa-branded Grindrod bank accounts, and that "these are displayed when beneficiaries are enrolled".

He added that a matter dealing with the legality of the processing of debit orders and EFT instructions from beneficiaries' Sassa accounts is awaiting a judgment in the High Court and may "ultimately reach this Court on appeal".

News24