Before March 2022, all you needed to obtain a new cell phone number or do a Sim swap was an identification document and a proof of address. However, after ICASA’s proposal to link sim cards with biometrics, more private information could be required.
In March, the Independent Communications Authority of South Africa (ICASA) announced draft regulations that proposed linking phone customers’ biometric data to their SIM cards. Mobile operators will have access to fingerprint mapping, facial recognition, retina scans, and biometric and behavioural data related to consumers’ SIM cards and phone numbers if the bill is signed into law.
There are conflicting responses to the proposal. For instance, according to Gur Geva, co-founder, and CEO of iiDENTIFii, the goal of the new suggestions is to avoid severe crime and safeguard consumers from the financial and emotional agony of identity fraud when connected phone numbers are utilized. According to Geva, the technology for tying biometrics to SIM cards is well-established and, more importantly, safe and secure.
“Criminals who use many mobile numbers in illegal activities including fraud, money laundering, terrorism and kidnapping would have a harder time hiding from law enforcement should new regulations come into effect. And because biometric data cannot be copied, consumers would have an added layer of protection against their cell number being used in identity theft or to authenticate fraudulent payments.”
On the other hand, the public is plunged into privacy concerns and data breaches to which they could expose themselves. Naz Consulting International’s CEO, Nazareen Ebrahim, says: ” Citizens have a low level or no trust with government, so the first question that tops everyone’s mind is what will the government do with these additional private data points.”
This concern is of significant value because the public have waning confidence in data privacy, seeing the number of data breaches in the public and private sectors. Always-on bad actors or hackers are always ready to sell such sensitive data to the dark web.
The above data breach risk is dependent on how the private data would be stored. According to Geva, biometric data management will be subject to strict privacy laws laid out in the Protection of Personal Information Act (POPIA) and the General Data Protection Regulation (GDPR) guidelines. He gives assurances that the biometric data will not be stored, so the information is encrypted and non-transferrable.
Despite the assurance given by ICASA, the public is still sceptical of the new regulation. A public campaign, run by Dear SA, an advocacy non-profit received nearly 21,000 responses, with most people opposing the proposal. This clearly shows that the public is unwilling to give in and adhere to the potential law that would force them to give their unique physical and behavioural characteristics. This draft regulation simply comes out as invasion of privacy for the public.
Only time will tell if this draft regulation becomes law. Meanwhile, ICASA is encouraged by John Endres, South African Institute of Race Relations, to find a less intrusive way to combat fraud.
Naz Consulting International is a South African Black Woman-Owned Level 1 BEE company. We are Media and Communication Specialists. We provide solutions for brand development, online conferencing and management; and reputation management