'This has been especially evident following tragic scholar transport accidents, where graphic images of injured or deceased children have been circulated without consent,' says Baloyi.
The South African Human Rights Commission (SAHRC) has raised concerns about the lack of data privacy in South Africa and its impact on children.
The commission said that while South Africa has made important progress in establishing a legal framework for data protection, particularly through the constitution and the Protection of Personal Information Act (Popia), there are concerns that must be addressed.
On Data Privacy Day 2026, observed last week, the SAHRC affirmed that the protection of personal data is inseparable from the protection of human dignity, equality, and freedom.
Digital exposure
In an era of artificial intelligence (AI), social media, and constant digital exposure, privacy violations have real and lasting human consequences.
SAHRC spokesperson Wisani Baloyi said the Popia affirm privacy as a fundamental right and imposes clear duties on those who collect, process, and share personal information.
“The commission remains concerned that the lived reality of many people does not reflect the promise of these protections. Data breaches, identity theft, unlawful surveillance, and the reckless sharing of personal information continue to occur with alarming frequency. Compliance is uneven, enforcement remains weak in practice, and public awareness of data rights is still limited.”
ALSO READ: A cyberattack every 39 seconds: Upgrade PCs to upgrade security
Data breaches
In July 2025, The Citizen reported that South Africa continues to be a target of cybercriminals, ranking 27th globally in the most breached countries in the second quarter of 2025, highlighting persistent cybersecurity gaps.
A new report by Surfshark revealed that a total of 369 600 accounts were leaked in the country.
Surfshark’s report indicates that more than 21,000 South African accounts were breached between April and June, which translates to approximately three per 100,000 people.
In total, South Africa has had a total of 124.2 million personal records exposed since 2004. On average, each email is breached with 2.9 additional data points.
Concerns
The commission said it is particularly concerned about the impact of data misuse on marginalised groups, including children, women, young people, older persons, and persons with disabilities.
“Children’s rights to dignity and privacy are routinely violated through the unauthorised sharing of images and videos on social media.
“This has been especially evident following tragic scholar transport accidents, where graphic images of injured or deceased children have been circulated without consent, exposing identities and compounding trauma for families and communities,” Baloyi said.
‘Think critically’
Baloyi urged individuals to take active steps to protect their own data, to think critically before sharing information, and to respect the privacy and dignity of others.
He added that public institutions have a duty to act lawfully, transparently, and proportionately when processing personal data, and must avoid unlawful surveillance and data misuse.
NOW READ: Communications minister says Icasa data bundle expiry amendment will bring ‘relief’ to users
