Why This Matters to Your Business
AI tools such as ChatGPT, Google Gemini and Microsoft Copilot have entered most South African workplaces - usually without any formal governance process. Staff use them to save time and work more efficiently. The problem is that the information they include in AI prompts often belongs to clients, patients or employees - and sharing that information with a third-party AI provider may violate POPIA.
What This Looks Like In Practice
"During a ComplyBar 14-day assessment, the governance report for a 25-person payroll outsourcing firm shows that five staff members used public AI tools with work content during the assessment period. Two instances involved pasting client company names and salary figures to help draft reports. The firm's managing director was not aware any AI tools were being used for client work. There was no policy, no audit trail and no client consent."
Potential Consequences of Getting This Wrong
Client personal information - including financial data - processed by uncontracted AI providers
POPIA violation: no client consent and no operator agreement with the AI provider
Management had no visibility of AI tool usage despite the high sensitivity of the firm's data
No audit trail of what was shared, when, or with which tool
Potential mandatory notification obligation to the Information Regulator if a complaint arises
Questions Management Should Be Able to Answer
?
Do you know which AI tools your staff are currently using for work purposes?
?
Have you briefed staff on what types of information may not be included in AI prompts?
?
If a client asked whether their information had been processed by an AI tool without their consent, what would your answer be?
?
Does your organisation have a written AI acceptable use policy that staff have been briefed on?
Artificial intelligence tools have fundamentally changed how employees work. ChatGPT, Microsoft Copilot, Google Gemini, and dozens of specialist AI tools are now part of daily workflows. But every time an employee pastes client data, financial records or confidential business information into one of these tools, they may be triggering a POPIA violation.
Why AI Tools Create POPIA Risk
Under POPIA, any processing of personal information must comply with the eight conditions of lawful processing. When an employee uses an external AI tool to process personal information, several conditions are immediately in jeopardy:
- Processing limitation: The personal information is being processed by a third-party system that was not disclosed to the data subject.
- Purpose specification: The data subject did not consent to their information being processed by an AI system.
- Further processing limitation: Using personal information for AI-generated outputs is a new purpose, not the original collection purpose.
- Security safeguards: Once data leaves your environment, you have no control over how the AI provider stores, processes or uses it for training.
Real-World Scenarios That Create Risk
These are common behaviours happening in South African offices right now:
- A payroll administrator pastes a spreadsheet of employee salaries into ChatGPT to generate a summary report.
- A conveyancer uploads a client’s ID document to an AI tool to extract details faster.
- An HR manager asks Copilot to draft a performance review using notes that contain the employee’s medical history.
- An accountant uploads a client’s financial statements to an AI assistant to identify tax saving opportunities.
- A broker uses a chatbot to draft a client proposal, including the client’s personal financial profile.
None of these employees intend to cause harm. Most believe they are being productive. But each scenario potentially violates POPIA.
The Data Retention Problem
Many AI providers retain conversation data for extended periods and may use it to improve their models. Even providers with “no training on your data” claims require careful scrutiny — the terms of service matter, and they change. South African organisations cannot simply rely on an AI provider’s privacy policy as sufficient protection under POPIA.
The key legal question is: Did your organisation take reasonable steps to prevent personal information from being shared with an unauthorised third party? If the answer is no, and a data breach or complaint follows, the Information Regulator is unlikely to be sympathetic.
Sector-Specific Risks
Some sectors face heightened risk due to the nature of the data they process:
- Legal firms: Privileged attorney-client communications shared with AI tools may lose privilege.
- HR departments: Employee health information, disciplinary records and remuneration are special-category personal information under POPIA, requiring explicit consent.
- Financial services: FSCA-regulated firms have additional obligations around data confidentiality and record-keeping that AI tool usage may compromise.
- Healthcare: Medical records are special personal information and their processing is restricted to very specific circumstances.
- Municipalities: Public bodies have obligations under both POPIA and PAIA that extend to personal information held in digital systems.
What a Responsible AI Policy Must Include
An adequate AI acceptable use policy for a POPIA-compliant organisation should cover:
- A list of approved AI tools (with data processing agreements in place)
- A clear prohibition on inputting personal information, client data or confidential business information
- Training requirements for all staff who use AI tools
- A process for reporting suspected AI-related data incidents
- Monitoring and audit provisions to detect prohibited usage
Technical Controls That Help
Policy alone is not enough. Technical controls significantly reduce risk:
- Browser extensions that detect and flag document uploads to AI tool domains
- Network-level blocking of consumer AI tool uploads for managed devices
- Data loss prevention (DLP) rules on email and cloud storage
- Approved enterprise versions of AI tools (with data processing agreements) instead of consumer versions
The Cost of Getting This Wrong
The Information Regulator of South Africa has the power to impose fines of up to R10 million and to recommend criminal prosecution. More immediately, a data breach involving AI tool misuse can result in reputational damage that is very difficult to recover from in relationship-driven industries like law, accounting and insurance.