Discovery Life has disclosed detailed personal information about roughly 1 000 clients in court documents it lodged as part of a Gauteng High Court (Johannesburg) application against one of its former brokers, says a Moneyweb report. Devan de Meyer resigned from the firm to join independent broking house MedBond.

Concerned he would contact clients to lure them away from the group, Discovery Life filed an urgent application on 10 September, asking the court to prohibit De Meyer from ‘contacting, enticing or soliciting away’ any of the clients listed in five annexures accompanying its notice of motion. The annexures list the names, identity numbers, landline and mobile numbers as well as e-mail addresses of the clients in question.

The court refused to entertain Discovery Life’s application, citing a lack of urgency and ordered it to pay the wasted costs.

Discovery has denied any wrongdoing, saying its former employee’s alleged unlawful conduct left it with ‘no alternative’ but to approach the court with proof that a breach had taken place to protect its clients’ data.

According to the Moneyweb report, Discovery contends that the Protection of Personal Information (PoPI) Act (sections 6 and 11) caters specifically for circumstances such as this and provides an exemption for disclosure to be made to the court to demonstrate breach.

It says its submission contained no medical details, policy information and investment details which it believes the adviser to be in possession of. The objective of Discovery’s actions in this instance is ‘solely’ to protect client information. ‘To this end, as an additional precaution Discovery requested the judge to seal the court papers – and it is now in the process of being sealed.’ The insurer says it has contacted all the affected clients by phone.

Consumer law attorney Trudie Broekmann points out the PoPI Act has only been partially implemented. The only portions of the Act that already apply are ones allowing government to set up the Information Regulator and make regulations.

According to Moneyweb, Broekmann says if PoPI had applied, it would in her view have prevented the applicant from disclosing the personal information of its clients (the ‘data subjects’) as it appears the precondition of minimality and reasonability have not been met, as the information does not appear to be necessary for purposes of the court application.

The ‘data subjects’ whose information was disclosed by the applicant can already complain to the Information Regulator, she adds. Broekmann says the disclosure of the personal information may also be in breach of the code of conduct for financial services providers under the Financial Advisory and Intermediary Services (FAIS) Act in that the applicant has apparently failed to obtain its clients’ consent before making their personal information public.

This she claims may also amount to the applicant failing to treat its clients fairly, reasonably and justly. The disclosure of the clients’ information, in this case, was, in her view, neither in the public interest, nor required by law, says the report.

Full Moneyweb report