The Democratic Alliance sparked a debate about its campaigning for the local elections currently underway across South Africa with its massive SMS campaign reminding people to vote. The reasons for the controversy included the absence of any form of opt-out mechanism in the SMS messages themselves. This is a message I received from the DA this morning:
Consumers are accustomed to commercial messages containing instructions how to opt-out of receiving further messages from the marketer that originated the message. In this case there is clearly no such set of instructions. It is worth pointing out that this apparent failing isn’t just the DA’s, the ANC sent out its own SMS messages to its database:
While these messages may appear to be illegal given the absence of this opt-out mechanism, it is worth looking into the origins of the requirements for such a mechanism. Two Acts have the requirement for an opt-out mechanism and form the basis for the opt-out paradigm marketers operate under in South Africa at the moment:
- Electronic Communications and Transactions Act; and
- Consumer Protection Act.
Electronic Communications and Transactions Act requirements
The Electronic Communications and Transactions Act requires an opt-out mechanism in section 45 which states the following:
Unsolicited goods, services or communications
45. (1) Any person who sends unsolicited commercial communications to consumers, must provide the consumer –
(a) with the option to cancel his or her subscription to the mailing list of that
(b) with the identifying particulars of the source from which that person obtained the consumer’s personal information, on request of the consumer.
(2) No agreement is concluded where a consumer has failed to respond to an unsolicited communication.
(3) Any person who fails to comply with or contravenes subsection (1 ) is guilty of an offence and liable, on conviction, to the penalties prescribed in section 89(1).
(4) Any person who sends unsolicited commercial communications to a person who has advised the sender that such communications are unwelcome, is guilty of an offence and liable. on conviction, to the penalties prescribed in section 89(1).
In many ways section 45 of the Electronic Communications and Transactions Act was a forerunner to section 11 of the Consumer Protection Act which adopts an approach based on an interpretation of the right to privacy entrenched in the Bill of Rights. Section 11 of the Consumer Protection Act provides as follows:
Right to restrict unwanted direct marketing
11. (1) The right of every person to privacy includes the right to—
(a) refuse to accept;
(b) require another person to discontinue; or
(c) in the case of an approach other than in person, to pre-emptively block,
any approach or communication to that person, if the approach or communication is primarily for the purpose of direct marketing.
(2) To facilitate the realisation of each consumer’s right to privacy, and to enable consumers to efficiently protect themselves against the activities contemplated in subsection (1), a person who has been approached for the purpose of direct marketing may demand during or within a reasonable time after that communication that the person responsible for initiating the communication desist from initiating any further communication.
Going a step further is that WASPA (the Wireless Applications Service Provider’s Association, a self-regulating body set up to govern mobile activities like SMS marketing campaigns) prohibits SMS spam in its Code of Conduct (Disclosure: I am an independent adjudicator for WASPA). Section 5 deals with Commercial Communications and section 5.2 deals with Identification of Spam:
5.2. Identification of spam
5.2.1. Any commercial message is considered unsolicited (and hence spam) unless:
- the recipient has requested the message;
- the message recipient has a direct and recent (within the last six months) prior commercial relationship with the message originator and would reasonably expect to receive marketing communications from the originator; or
- the organisation supplying the originator with the recipient’s contact information has the recipient’s explicit consent to do so.
5.2.2. WASPA, in conjunction with the network operators, will provide a mechanism for consumers to determine which message originator or wireless application service provider sent any unsolicited commercial message.
The WASPA Code is binding on its members which probably include the providers whose platforms were used to send the DA’s and ANC’s messages.
At a glance, it would seem that the DA and the ANC acted illegally by not complying with the Electronic Communications and Transactions Act’s and Consumer Protection Act’s requirements but closer examination of these provisions is required. In the first instance, section 45 of the Electronic Communications and Transactions Act refers specifically to “unsolicited commercial communications”. Communications (SMS is a included in this category) must therefore have a commercial quality to be subject to the Electronic Communications and Transactions Act’s requirements. When it comes to the Consumer Protection Act, section 11 refers to approaches or communications for “direct marketing” purposes. Direct marketing, in turn, is defined as follows:
“direct marketing” means to approach a person, either in person or by mail or
electronic communication, for the direct or indirect purpose of—
(a) promoting or offering to supply, in the ordinary course of business, any goods or services to the person; or
(b) requesting the person to make a donation of any kind for any reason;
The Consumer Protection Act clearly requires some form of commercial rationale for the messaging in order for its privacy protections to apply. A similar principle applies to the WASPA Code which uses the term “commercial message”.
When it comes to the DA’s and ANC’s messages, these can not appropriately be described as being commercial messages (except, perhaps in very broad terms). They are political and public interest messages intended to solicit votes from citizens and encourage them to vote, generally. This effectively means the Electronic Communications and Transactions Act, the Consumer Protection Act and even the WASPA Code and their requirements for opt-out mechanisms will not apply. This doesn’t, however, get the DA and the ANC off the hook.
A compelling argument could be made that the general right to privacy in the Bill of Rights which is the underlying legal basis for the Electronic Communications and Transactions Act’s and the Consumer Protection Act’s provisions requires that, in order to adequately protect citizens’ right to privacy, they should be afforded an opportunity to opt-out of receiving party political messages like these. The Consumer Protection Act speaks specifically about the right to opt-out as being part of the “right of every person to privacy” and while the Consumer Protection Act has a clear commercial focus, the same principle should arguably apply to political messaging like the DA’s and the ANC’s SMS campaigns. If this argument has merit, the DA and the ANC should have included opt-out mechanisms in their messages. Such a mechanism could be as simple as allowing recipients to reply “STOP” to the message and have their details removed from the relevant marketing database.
This incident highlights these databases which organisations are using to market their services, products or activities. In addition to receiving the SMS from the DA, I also received a call from the DA this morning reminding me to vote. The caller had my contact details cross referenced with my voting station and the voters roll. I don’t know how much more information the DA (or other parties) have or how readily this information is being made available to anyone with the money to buy the databases. These databases are a privacy black hole and there isn’t nearly enough transparency about how these databases are compiled, sold and what personal information they contain. This issue, together with incomplete legal analysis which enable messages like these from the DA and the ANC, have the potential to seriously erode people’s right to privacy by removing their ability to make decisions regarding their personal information before they are even aware of the issues.