Search this journal:     Advanced search
Original Research

Towards a conceptual framework for protection of personal information from the perspective of activity theory

Tiko Iyamu, Yandiswa Ngqame

SA Journal of Information Management; Vol 19, No 1 (2017), 7 pages. doi: 10.4102/sajim.v19i1.867

Submitted: 22 March 2017
Published:  06 November 2017

Abstract

Background: Personal information about individuals is stored by organisations including government agencies. The information is intended to be kept confidential and strictly used for its primary and legitimate purposes. However, that has not always been the case in many South African government agencies and departments. In recent years, personal information about individuals and groups has been illegally leaked for other motives, in which some were detrimental. Even though there exists a legislation, Protection of Personal Information (POPI) Act, which prohibits such malpractices, illegally leaked information has however, not stopped or reduced. In addition to the adoption of the POPI Act, a more stringent approach is therefore needed in order to improve sanity in the use and management of personal information. Otherwise, the detriment that such malpractices cause too many citizens can only be on the increase.

Objectives: The objectives of this study were in twofold: (1) to examine and understand the activities that happen with personal information leaks, which includes why and how information is leaked; and (2) to develop a conceptual framework, which includes identification of the factors that influence information leaks and breaches in an environment.

Method: Qualitative research methods were followed in achieving the objectives of the study. Within the qualitative methods, documents including existing literature were gathered. The activity theory was employed as lens to guide the analysis.

Result: From the analysis, four critical factors were found to be of influence in information leaks and breaches in organisations. The factors include: (1) information and its value, (2) the roles of society and its compliance to information protection, (3) government and its laws relating to information protection and (4) the need for standardisation of information usage and management within a community. Based on the factors, a conceptual framework was developed.

Conclusion: This study can be used to guide implementation of information protection acts in any environment. It empirically contributes to societal awareness on how and why personal information is leaked and breached. Also, it will benefit academic domain, particularly in the use of activity theory.


Full Text:  |  HTML  |  EPUB  |  XML  |  PDF (2MB)

Author affiliations

Tiko Iyamu, Department of Information Technology, Cape Peninsula University of Technology, South Africa
Yandiswa Ngqame, Department of Business Administration, Cape Peninsula University of Technology, South Africa

Keywords


Metrics

Total abstract views: 178
Total article views: 216

Cited-By

No related citations found

Comments on this article

Before posting your comment, please read our policy.
Post a Comment (Login required)


ISSN: 2078-1865 (print) | ISSN: 1560-683X (online)


Connect on: Facebook, Twitter, Google+, LinkedIn and YouTube

Subscribe to our newsletter

All articles published in this journal are licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license, unless otherwise stated.

Website design & content: ©2017 AOSIS (Pty) Ltd. All Rights Reserved. No Unauthorised Duplication Allowed.

AOSIS Publishing | Empowering Africa through access to knowledge
Postnet Suite #110, Private Bag X19, Durbanville, South Africa, 7551
Tel: 086 1000 381
Tel: +27 21 975 2602
Fax: 086 5004 974

publishing(AT)aosis.co.za replace (AT) with @

Please read the privacy statement.