'No ulterior motive in ICASA linking biometrics to SIM cards'

Sibahle Malinga
By Sibahle Malinga, ITWeb senior news journalist.
Johannesburg, 05 May 2022
Mothibi Ramusi, CIO of the National Lotteries Commission.
Mothibi Ramusi, CIO of the National Lotteries Commission.

The Independent Communications Authority of South Africa’s (ICASA's) draft regulations to link people's biometric data to their SIM cards are a step in the right direction in the fight against crime.

This was the word from Mothibi Ramusi, CIO of the National Lotteries Commission, speaking yesterday at the Public Sector ICT Forum event, held in Johannesburg, under the theme: “Creating a culture of innovation and collaboration in the public sector”.

Ramusi discussed the importance of innovation in the digital economy.

Responding to questions from members of the audience about ICASA’s latest controversial move to crackdown on fraudulent SIM card activities, Ramusi stated that citizens should trust government does not have any ulterior motive, other than to protect users from being victims of fraud.

In March, ICASA published draft regulations proposing to tie the biometric data of phone users in SA to their SIM cards. The proposal, included alongside other draft regulations, is out for public comment until 11 May.

The regulations define biometric data as the measurement and statistical analysis of people's unique physical and behavioural characteristics.

If passed into law, this means mobile operators will have access to users’ fingerprint mapping, facial recognition, retina scans, and biometric and behavioural data, tied to their SIM cards and phone numbers.

While the draft regulations have received much public criticism, with security experts raising data security concerns, Ramusi believes government should be given the benefit of the doubt, as the move is the next step to using innovation in cyber security.

“Even before the establishment of SITA [State IT Agency], government had long been on a mission to create a digital profile of citizens. Whether that profile is through biometrics, a SIM card or something else is irrelevant.

“Identification of citizens via biometrics is merely the next evolution to a trend that was started decades ago, and the important thing is that innovation should be in the forefront and policies should be adjusted according to the requirements of the digital economy,” commented Ramusi.

According to the South African Banking Risk Information Centre, in 2021, SIM-swap fraud had increased by 91%, year-over-year.

Under ICASA’s proposal, the biometric registry would be used to authenticate the identity of subscribers when purchasing a new SIM card, or when doing a SIM swap.

While security experts expressed concerns that the new laws may infringe on compliance requirements set out in the Protection of Personal Information Act (POPIA), Ramusi believes that if passed, the proposed law can be implemented within the confines of POPIA.

POPIA provides guidelines for the protection and safe storage of personally identifiable information, with conditions including processing limitations and specifications, and limitations on how data should be stored and safeguarded.

“I want to encourage all of us here to trust that government knows what it is doing and they will ensure utmost safety of citizens’ data. Anyone that talks about this type of innovation being a threat to us should focus on the ultimate outcome of what government intends to achieve through this proposed regulation, which has been introduced across the globe, not only in South Africa.

“When citizens place too much emphasis and fears on the potential violation of POPIA compliance, they will miss out on the benefits they can reap through safety, and the endless innovation opportunities that can be unlocked for them by being able to walk around carrying their biometrics data on their phones.”

Countries that have introduced similar laws include China, Afghanistan, Mexico, Pakistan, Nigeria, Saudi Arabia, Jordan and Venezuela.