When Data Harassment Becomes a Crime: How Data Brokers, Corporates, and Social Media Platforms Exploit Personal Information — and What You Can Do About It

By /

Introduction: When a “Simple Call” Becomes Something Far More Serious

Earlier this month, a South African family experienced something that should never have happened.
An 82-year-old woman received seven unsolicited sales calls from an insurance company in a single morning. Confused and worried that it might be a family emergency, she rushed to answer the phone, slipped in the bathroom, and fell.

When her family investigated, the insurance company admitted the calls were theirs — and even traced the woman’s contact details back to a Facebook ad click she had accidentally touched while watching reels.

That small, innocent action — a tap on a screen — led to a cascade of personal data being shared, sold, and exploited.

This case is not unique. It is part of a growing pattern of data harassment and corporate negligence that has become a daily reality for South Africans.

At Simply Solitude, we specialise in uncovering exactly how and why these incidents happen — and in holding those responsible to account.

The Hidden Data Economy: How Your Information Is Being Sold

When you click on an ad or sign up for a competition, your data doesn’t stop with the company you interacted with.

Behind the scenes, data brokers collect, package, and sell millions of South Africans’ details to marketers, call centres, and even fraudulent operators.

These brokers build detailed profiles — often including:

  • Full names
  • Contact numbers
  • Income brackets
  • Geographic locations
  • Purchase intentions

That information is then sold to multiple buyers — meaning your “one click” might end up on 10 or more databases, each spawning endless calls, messages, or phishing attempts.

Even large, reputable companies sometimes buy this data without verifying its origin, turning a blind eye to how it was sourced.

In the case above, Facebook automatically shared personal data with the advertiser when the user clicked — a feature many users don’t realise exists. The result? A clear example of consent by confusion — one of the biggest problems in modern digital ethics.

Why This Violates Privacy — and Possibly the Law

In South Africa, The Protection of Personal Information Act (POPIA) exists to protect citizens from exactly this kind of abuse.

Under POPIA:

  • Personal information may only be collected with explicit and informed consent.
  • Data may only be processed for the specific purpose it was obtained.
  • Companies must secure and respect the information they hold.
  • Consumers have the right to know who holds their data and why.

When a company uses your information to contact you without clear consent — especially if that information was obtained through a third party — that may constitute a POPIA violation.

Unfortunately, enforcement remains limited, and many companies gamble that their actions will go unnoticed.

Corporate Negligence and the Data Broker Loophole

The excuse often heard from companies is:

“We didn’t collect the data — we bought it from a third party.”

But that argument doesn’t hold up under scrutiny.

If a company buys or uses data, they are still responsible for ensuring it was obtained legally. Turning a blind eye doesn’t protect them from liability.

At Simply Solitude, we’ve investigated numerous cases where companies relied on outsourced marketing or “lead generation” firms that operate outside compliance boundaries. These intermediaries act as shields — but the ultimate accountability remains with the brand that made the call.

The Human Impact: When Harassment Leads to Harm

Behind every complaint or privacy breach is a human being.

  • Elderly individuals startled by constant unsolicited calls.
  • Consumers tricked into fake competitions.
  • Professionals whose private numbers end up in scam networks.
  • Families who suffer emotional distress, or even physical harm, due to corporate carelessness.

The issue is not just about privacy; it’s about safety, dignity, and accountability.

Every time a company dials your number without permission, it chips away at the trust between consumers and businesses.

The Investigator’s Role: How Simply Solitude Traces the Data Trail

When incidents like this occur, most people feel powerless — but you don’t have to be.

Simply Solitude conducts corporate and data-related investigations that uncover how personal information is misused, shared, or traded.

Our process typically includes:

  1. Data Mapping: Tracing the path your information took — from the first point of collection to the final user.
  2. Digital Forensics: Analysing ad clicks, metadata, and call records to confirm how consent was obtained (or not).
  3. Corporate Intelligence: Identifying intermediaries, data brokers, or offshore call centres linked to the breach.
  4. Evidence Reporting: Preparing a full investigative report that complies with legal standards for possible litigation.

These investigations often reveal hidden chains of responsibility that link social media platforms, brokers, and end-user companies.

How Simply Solitude Works With Attorneys

While Simply Solitude cannot litigate directly, we partner with law firms to provide the evidentiary foundation for legal action.

Our investigative reports give attorneys the verified data trail they need to:

  • Prove negligence or unlawful data processing.
  • Quantify harm caused by harassment or breach.
  • Support POPIA, Consumer Protection Act, or civil claims.

In essence, we handle the facts and intelligence — the attorney handles the law and prosecution. Together, this creates a powerful mechanism for accountability.

Your Rights Under POPIA (and What You Can Do)

If you or a loved one are being harassed by unsolicited calls or suspect your data has been shared without consent, you have legal rights.

Here’s what you can do immediately:

  1. Request Access: Ask the company how they obtained your information. They are legally required to tell you.
  2. Withdraw Consent: Instruct them to remove you from all databases and stop contact.
  3. File a Complaint: Contact the Information Regulator of South Africa if the company fails to comply.
  4. Document Everything: Keep a record of all calls, messages, and interactions.
  5. Engage an Investigator: A professional firm like Simply Solitude can trace where your data originated and how it was used.
  6. Consult an Attorney: Legal partners can pursue civil damages or formal complaints based on the evidence.

The more structured and documented your response, the stronger your case becomes.

A Growing National Issue: Data Harassment in South Africa

Unsolicited calls, fake competitions, and SMS marketing have become so common that many South Africans consider them “normal.”

But normal doesn’t mean legal.

South Africa’s data economy has ballooned into a multi-billion-rand industry built on unverified consent and poor data governance. Without stronger enforcement and public awareness, this behaviour will continue unchecked.

It’s time for consumers — and responsible businesses — to push back.

The Need for Corporate Accountability and Data Ethics

Companies must take responsibility for the third parties they engage and the data they use.

That means:

  • Conducting due diligence on lead providers.
  • Maintaining clear, traceable consent records.
  • Training staff on POPIA compliance.
  • Reporting and correcting breaches immediately.

True corporate integrity begins not with compliance paperwork, but with ethical data behaviour — doing the right thing even when no one is watching.

The Simply Solitude Commitment

At Simply Solitude, we believe in protecting the truth — and the people behind it.

Our mission is to bring transparency and accountability into corporate environments where negligence, data trading, and fraud too often go unchallenged.

Whether it’s tracing a privacy breach, investigating internal misconduct, or assisting with complex legal claims, our team combines investigative precision with absolute discretion.

Because sometimes justice begins with a single question:

“Who gave them my number?”

Conclusion: Data Harassment Is Not Just Annoying — It’s Dangerous

The story of one elderly woman’s fall after a barrage of unsolicited calls is not just a tragedy; it’s a warning.

When technology, marketing, and negligence collide, the results can be devastating.

Every South African has the right to privacy, dignity, and respect for their personal information. Companies that fail to honour that right must be held accountable — not only by regulators, but by those willing to investigate and expose the truth.

If you suspect your personal data has been misused or sold, you don’t have to face it alone.

📞 Contact Simply Solitude

Confidential | Discreet | Professional

Let’s uncover the truth and restore your right to privacy.

👉Call now 0822157674
📧 info@simplysolitude.com
#DataPrivacy #POPIA #CorporateAccountability #Investigations #SimplySolitude

BPC REPORT 4: 1.3.0 Free Checklist Not Completed, 15/05/2026 12:40:59 Active Has SSL Cookies disabeled or was accepted
Scroll to Top