POPIA – too little too late?  

Blogpost by Nathalie Schooling

POPIA (Protection Of Personal Information Act) is now officially in full effect. Gosh, talk about getting ducks in a row!  I have to smile at the irony of all the millions of emails that got blasted out to databases this past week promising from now on to only spam upon request. Contrary to POPIA’lar belief (see what I did there?), I don’t think all will now be well.

While POPIA will hold organisations accountable for the privacy of stakeholder information, businesses will be ill-advised to think that their customers will now magically feel safer in entrusting them with their data. Whilst being POPIA compliant can certainly help put some customers’ minds at ease, there is a backlog of trust issues and a consumer lethargy that businesses need to address. Unfortunately, companies have shot themselves in the foot by letting loose with digital technologies and spam marketing, with very little consideration for the customer on the receiving end. Now because POPIA dictates it, they will ‘show’ customers they care because they have to. This is not going to erase the bad taste already left in a lot of customers’ mouths.

The consumer trust deficit 

POPIA has been a work in progress since 2005. Data security is nothing new, it’s been a concern for consumers for many years, especially because there’s been an unspoken expectation that organisations will respect their privacy. While businesses have been aware of POPIA and the disastrous implications of data breaches, why have so many waited until the very last minute to put the right processes in place to protect their customers information?  This laziness has resulted in some really poor customer experiences, loss of sales, and an erosion of ‘blind’ trust from consumers.

Let’s look at some consumer sentiment. A study conducted at the University of South Africa in 2019, found that consumers are becoming increasingly disenchanted with South African organisations when it comes to the issue of privacy and data protection. The same study also found that there is a huge disconnect between the privacy consumers are legally entitled to and what companies are doing to adhere to these privacy rights.  Research dating back further than this highlights that trust is the main hesitancy for South Africans in making online transactions.

It’s therefore evident that there is a large trust deficit that businesses need to overcome if they want to remain competitive. And let’s not forget public scepticism when it comes to governance and enforcement of POPIA.  Just because non-compliance to POPIA can land a company in hot water, this doesn’t necessarily mean customers will automatically feel safer. The public have been duped so many times and will question if proper governance will actually be enforced. Companies need to work even harder to dispel this doubt.  Remember, trust is emotional, and there’s nothing stronger than human emotion.

Authentic customer-centricity can build back trust

To build back trust, I urge companies to take a hard look at their customer experience strategy and prioritise seamless service, not cheaper overheads. According to our research, most companies believe that they are customer-centric, but in reality, this is not the case. Only a whopping 18 % of companies see the customer experience as a priority. Real trust and consumer confidence come from a series of positive experiences because if customers are having good experiences, it shows that the brand genuinely cares about them. But this care needs to be across the board, just ticking the POPIA box won’t be enough.

Since the customer experience is now very data-driven, companies are in for some serious due diligence, but given the COVID-19 pandemics’ acceleration of digital transformation, South African companies should be up for the challenge. If there’s one thing we know how to do as South Africans, it’s adapt, even if we don’t quite get it right in the beginning.