News / National
Zimbabwe backtracks on fines for ordinary WhatsApp group admins
10 Nov 2024 at 10:40hrs | Views
The government has clarified that WhatsApp group administrators who do not gather personal information from members for commercial purposes are exempt from obtaining a licence from the telecommunications regulator, Postal and Telecommunications Regulatory Authority of Zimbabwe (Potraz). This announcement comes in response to misinformation circulating on social media suggesting hefty fines for WhatsApp group admins without a licence.
According to Statutory Instrument (SI) 155 of 2024, introduced in September under the Cyber and Data Protection Act, those collecting personally identifiable information (PII) such as names, addresses, and phone numbers from social media groups for commercial use must apply for a data controller licence. The regulation specifically affects individuals or entities gathering PII from over 50 people for business purposes.
Information Communication Technology, Postal and Courier Services Minister Tatenda Mavetera emphasized that social media group admins who are not using collected data for commercial gain will not be penalized. "The Government has no intention to license or penalise WhatsApp groups or administrators of any social media platforms which do not collect and process personally identifiable information for commercial or business use," Mavetera stated in an interview with The Sunday Mail. She dismissed rumors of a US$2,500 fine for WhatsApp group administrators, calling the claims "incorrect and malicious."
Minister Mavetera attributed the confusion to a misunderstanding of the Statutory Instrument's scope, which applies only to those collecting PII for business from large groups. "We are referring to persons that collect PII from groups of 50 to 50,000 data subjects for business purposes. The group owner is accountable if they collect personal information for commercial purposes," she clarified.
The Cyber and Data Protection regulations mandate that any entity processing personal information with a commercial intent must obtain a licence from Potraz. Violators could face a fine of up to level 11, or imprisonment for up to seven years, or both. However, exemptions apply for data collected for personal, family, journalistic, historical, or archival purposes.
The government's clarification aims to dispel concerns among WhatsApp group admins who feared penalties and underscores that the regulations are targeted at data controllers with commercial interests.
According to Statutory Instrument (SI) 155 of 2024, introduced in September under the Cyber and Data Protection Act, those collecting personally identifiable information (PII) such as names, addresses, and phone numbers from social media groups for commercial use must apply for a data controller licence. The regulation specifically affects individuals or entities gathering PII from over 50 people for business purposes.
Information Communication Technology, Postal and Courier Services Minister Tatenda Mavetera emphasized that social media group admins who are not using collected data for commercial gain will not be penalized. "The Government has no intention to license or penalise WhatsApp groups or administrators of any social media platforms which do not collect and process personally identifiable information for commercial or business use," Mavetera stated in an interview with The Sunday Mail. She dismissed rumors of a US$2,500 fine for WhatsApp group administrators, calling the claims "incorrect and malicious."
The Cyber and Data Protection regulations mandate that any entity processing personal information with a commercial intent must obtain a licence from Potraz. Violators could face a fine of up to level 11, or imprisonment for up to seven years, or both. However, exemptions apply for data collected for personal, family, journalistic, historical, or archival purposes.
The government's clarification aims to dispel concerns among WhatsApp group admins who feared penalties and underscores that the regulations are targeted at data controllers with commercial interests.
Source - sundaymail