Saps ordered to apologise for distributing details of women in Krugersdorp gang rape case

The Information Regulator (IR) has found that the South African Police Services (Saps) violated the Protection of Personal Information Act (Popia) by distributing the personal details of alleged sexual assault victims of the Krugersdorp gang rape case.

The regulator held a media briefing on Tuesday to provide updates on a number of investigations it had been conducting, including the Krugersdorp gang rape case.

It issued a summons to police in August last year on details related to the release of personal information of the Krugersdorp rape victims.

Police failure

This followed the failure by the Saps to provide sufficient detail regarding the circumstances that led to the disclosure of eight women’s personal information who were raped by illegal miners while filming a music video in West Village, Krugersdorp, on 28 July 2022.

Following the rape, the names, addresses, and ID numbers of the victims were distributed via WhatsApp to a number of people within the police force.

Chairperson of the regulator, Advocate Pansy Tlakula, said following a leak from Saps the personal information of the women was circulated on social media.

ALSO READ: Saps summoned to explain leak of Krugersdorp rape victims’ details

Investigations

Tlakula said the regulator conducted its own investigation on whether the manner in which police processed the personal information of the women was in compliance with Popia.

“The regulator issued an enforcement notice wherein it decided that the responsible party being the Saps has interfered with the protection of the personal information of the data subjects in that it breached the conditions for the lawful processing of personal details.

“Furthermore, that the responsible party did not comply with the duty to notify the regulator and the data subjects of the security compromise when it occurred as prescribed in Popia,” Tlakula said.

Apology

Tlakula said the regulator found that police violated several provisions of Popia and ordered it to apologise.

“The regulator has, against the above backdrop, amongst others ordered that the responsible party must notify the data subjects of the security compromise which relates to their personal information and they must take this action withing 31 days of the receipt of this enforcement notice.

“The Saps must also publish an apology to data subjects, prominently in major national weekly newspapers and social media platforms such as Facebook and Twitter, for processing their personal information unlawfully.

Training

Tlakula said police must also investigate the conduct of officers responsible for the unlawful processing of the personal information and include training on Popia in all police training programmes.

Saps is yet to respond to the findings of the regulator.

ALSO READ: Calls mount for Cele to resign over ‘lucky to be raped by one man’ comment