Covert dealings: Airlink investigates after SAA allegedly lands competitor’s ‘highly sensitive info’

The new, unprivatised South African Airways (SAA) has already run into legal and ethical turbulence as questions are being asked about how it came into possession of confidential commercial information belonging to one of its competitors.

The Citizen has seen evidence that commercial information from SAA competitor Airlink, which flies to a network of destinations across South Africa and Africa, is in the hands of SAA.

The information details travel agencies and consortiums, key actors for any airline’s bottom line, along with the financial values of each relationship with Airlink.

Airlink unaware

Airlink confirmed that the data belongs to them and contains, according to chief executive Rodger Foster, “highly commercially sensitive” information.

The airline was unaware that SAA held the information until approached for confirmation by The Citizen.

“Airlink is in the process of investigating all the ramifications and taking the appropriate legal advice.”

The two airlines are also involved in discussions about alleged unethical behaviour involving not only the poaching of Airlink staff, but the allegedly illegal use of Airlink’s intellectual property – its human resources department job specification files.

At the centre of both incidents is SAA’s marketing and sales general manager Carla da Silva, who resigned from Airlink to join SAA in November last year.

ALSO READ: Is SAA in for a hard landing?

A copy of an e-mail dated 29 October 2023, seen by The Citizen, when Da Silva was still on Airlink’s payroll, showed she distributed detailed information to 10 of her SAA colleagues-to-be.

The e-mail contained instructions to include year-on-year flown revenues off Airlink’s anchor client spreadsheet in a new database. It was unclear whether Da Silva had used an Airlink or private e-mail address.

She attached an Excel document entitled “Customer database portfolio” to the e-mail, requesting that SAA’s database be updated. Airlink confirmed the Excel document was its property.

Investigations by Airlink into the alleged data breach could include a breach of the Cybercrimes Act.

Da Silva may not just be civilly liable for purportedly being in possession of and distributing the documents.

Cybercrime Act violation?

Cape Town-based law firm DKVG warned of criminal implications when transgressing the Cybercrime Act of 2022.

“The Act criminalises various types of cybercrimes, including illegally accessing a computer system or intercepting data, cyber extortion, unlawfully acquiring a password, cyber fraud, and theft of incorporeal property.

“Any person who violates this Act could face a fine, imprisonment of up to 15 years, or both.”

Forensic investigator Chad Thomas confirmed the Cybercrimes Act criminalises theft of incorporeal property.

“The intentional theft of intellectual property, trade secrets, standard operating procedures and client lists – which could be sold to a competitor or an inducement offered, such as gainful employment – could land the culprit facing serious criminal charges.

“Industrial espionage is a very real thing,” said Thomas.

READ MORE: Numsa calls for an investigation into Pravin Gordhan’s role in the sale of SAA

Correspondence directed at SAA acting chief executive Prof John Lamola in January this year, also seen by The Citizen, suggested that the Cybercrimes Act may have been contravened in more than one instance by Da Silva.

Airlink’s Foster wrote: “Airlink believes that Ms Da Silva and certain former Airlink employees now employed by SAA misappropriated Airlink proprietary and confidential information in breach of their confidentiality undertakings with Airlink and have since made use of this confidential information in the course of SAA’s business.”

Thomas noted that recipients of the alleged stolen property, in this case the addressees of Da Silvas’ e-mail and all currently employed by the carrier, might also be guilty of the crime had they acted upon her instruction and used the data for SAA purposes.

“Anyone who made use of or had knowledge of the act are implicated,” Thomas said.

Foster suggested there may have been more contraventions of the law.

“Da Silva has approached at least three of Airlink’s existing commercial partners with the intent of redirecting these relationships to SAA.

“The misappropriated information includes the commercial agreements between Airlink and these commercial partners.”

SAA jobs for pals saga

Two weeks ago, The Citizen reported that another whistle-blower accused Da Silva and SAA of allegedly reserving jobs for pals.

She allegedly employed about six former Airlink marketing staff after tailor-made job descriptions were drawn up, based on staffers’ Airlink functions.

Accusations that there was no recruitment for these positions were reported to SAA’s corruption hotline.

As with queries to SAA about the jobs-for-pals’ allegations, the airline ignored questions about allegations of being in possession of sensitive commercial information belonging to a competitor.

NOW READ: SAA: Business rescue process culmination of years of mismanagement