Truecaller, the popular caller ID app, is under investigation by South Africa’s Information Regulator for allegedly violating the country’s Protection of Personal Information Act (POPIA) through misuse of user data.
The investigation follows complaints that Truecaller improperly labels some businesses as spam and demands payment for removal, charges the company denies. Truecaller insists it does not charge for whitelisting and that its use of contact permissions complies fully with POPIA regulations. Known for identifying unknown callers and blocking spam, Truecaller argues that accessing users’ contact lists is necessary for core app functions, not for collecting or misusing personal data.
However, privacy experts remain sceptical, especially about how Truecaller displays information about individuals who have never downloaded the app or given consent. Senior associate Lucinda Botes of Phukubje Pierce Masithela Attorneys explained that displaying information on non-users raises legal concerns under POPIA’s principle of “openness,” which requires clear communication about how personal data is collected and used.
Many individuals featured in Truecaller’s database may not have consented to their data being shared via others’ contact lists. The law protects businesses, which can request removal or clarification of wrongly tagged information to protect their reputations.
