What South Africa’s spam call crackdown means for Vodacom, MTN, and Telkom

South African mobile operators aren’t too fazed by the Information Regulator’s crackdown on spam calls in the country. MTN, Telkom, and Vodacom have told MyBroadband that their marketing policies align with Section 69 of Protection of Personal Information Act (POPIA).

South Africa’s Information Regulator slapped telemarketing firm FT Rams Consulting with an enforcement notice — its first resulting from a direct marketing complaint.

MyBroadband asked MTN, Telkom, and Vodacom how the watchdog’s crackdown will impact their direct marketing practices.

MTN South Africa said that while it doesn’t believe consent is required for marketing via telephone, it will amend its policies if necessary.

It said POPIA defines electronic communications as “any text, voice, sound or image message sent over an electronic communications network which is stored in the network or in the recipient’s terminal equipment until it is collected by the recipient”.

“MTN is of the view that any marketing by a person using a telephone is excluded from the above definition, and customer consent is not required,” said MTN SA.

This is at odds with the Information Regulator’s updated interpretation of the Act.

Information Regulator chair Pansy Tlakula recently said they had obtained expert legal opinion and are issuing a guidance note stating that electronic communications, as described in POPIA, includes phone calls.

Tlakula also said they fully expect the industry to fight them on this.

MTN said it doesn’t expect the crackdown to impact on its relationships with contracted marketing firms.

“MTN has robust contract clauses and annexures in place that incorporate penalty clauses to ensure compliance,” it said.

“MTN constantly keeps abreast with regulatory changes and, if necessary, will amend its policies, processes, and procedures as soon as updates are received. MTN’s policies, processes, and procedures align with the provisions of POPIA.”

Telkom said it ensures its third-party call centre stakeholders are POPIA-compliant. This includes performing ad hoc control self-assessments with its call centres.

“Telkom is continuously driving awareness programs with both internal and external stakeholders,” it said.

“Telkom contacts existing customers for the purpose of onboarding, education and promotion of products or services in relation to their current product portfolio.”

“All communication elements include an opt-out opportunity. The Opt-out database is managed daily, and customer touch rules are applied accordingly,” Telkom added.

It said it will continue to assess the effectiveness of its compliance controls and amend its processes, systems, and tools if necessary.

While Vodacom says its marketing contractor policy aligns with POPIA, it notes that this depends on new regulatory requirements relating to telemarketing practices.

“We do not expect any material impact on the relationships with our call centre partners, as we currently contract with them in line with POPIA and are obligated to adhere to lawful marketing practices and standards,” it told MyBroadband.

“Vodacom will assess any new regulatory requirements governing telemarketing practices that may be evident in the Guidance Note.”

“Vodacom is looking forward to the Guidance Note to be issued by the Information Regulator on this matter and will provide further commentary on the Guidance Note during the public consultation process,” Vodacom added.

South Africa’s Information Regulator slapped FT Rams Consulting — a training institution — with an enforcement notice in late February 2024.

It said it was the first notice issued to a telemarketer that resulted from a direct customer complaint.

The watchdog said the firm is guilty of spamming the complainant with calls despite several opt-out requests and requests to be removed from the marketing list.

“FT Rams Consulting blatantly ignored the pleas from the data subject and continued to send them marketing messages on email,” the regulator said.

According to the sanction, FT Rams Consulting must ensure that the first communication they send to data subjects requests their consent and must only do so once.

It has been instructed to provide evidence of its compliance with these orders to the Information Regulator.

It has 90 days to comply with the watchdog’s instructions, and non-compliance will result in a fine of up to R10 million or imprisonment for up to ten years.