BusinessTech recently reported on a South African case in which a woman made a claim for repairs to her BMW after hitting a tree, stating that she had been driving the vehicle.
However, her son had posted a photo of the car after the accident, saying ‘crashed mum’s BMW after a night on the town, but don’t worry, it’s insured‘.
The insurer subsequently rejected the claim.
While this case points to the danger of incriminating yourself on a public forum, there are also a number of questions as to how far insurance companies may go in tracking you on social media.
Timothy Smit, director at Cliffe Dekker Hofmeyr, said that insurance companies may use any information found on a public Facebook profile.
“Yes, there is a right to privacy in s14 of the Constitution and it includes the right not to have your communication infringed – but that right is not absolute,” he said.
“It is framed by subjective and objective expectations of privacy. When you click ‘I accept’ on the standard terms and conditions on any social media platform, you erode your own subjective expectation of privacy.”
Smit said that Facebook expressly states in its Terms of Service that it ‘provides a personalised experience for you’.
This is done by analysing ‘the connections you make, the choices and settings you select, and what you share and do on and off our products’.
“Your objective expectation of privacy requires the rest of society to recognise your expectation of privacy as being reasonable. So, if you are Instagramming your dinners, tweeting your workout routine or vlogging about your online dating – society will assume that you aren’t a very private person,” he said.
Information obtained by hacking?
Smit warned that South Africa’s legal position is also not clear on whether insurance companies may use unlawfully obtained information – such as information obtained by hacking – when making a decision.
“In Harvey v Niland and Others, Harvey relied on Niland’s private Facebook posts to prove that Niland was secretly competing and violating his fiduciary duties to their joint business,” he said.
“Was the Facebook evidence admissible? Niland said it infringed his right to privacy and was obtained through the commission of an offence under s86(1) of the Electronic Communications and Transactions Act.”
In his ruling, Judge Plasket held that the Act didn’t prohibit evidence obtained in contravention of s86(1) but reasoned that the admission of the evidence would depend on:
- The nature and extent of the violation of Niland’s right to privacy; and
- Whether Harvey could have obtained the evidence in another, lawful way.
“Judge Plasket found that hacking Niland’s Facebook communications would have produced both information that was relevant to the issue before him and information that was irrelevant and entirely private,” said Smit.
“The relevant portion accessed established that Niland had been conducting himself in a duplicitous manner, contrary to the fiduciary duties he owed to the business – not to mention the fact that he had denied the allegations and undertaken not to do as he had done.”
Finally, the Judge found that the evidence was essential to Harvey’s case and could not in practice have been procured in another, lawful way.
All he had was a suspicion but, without the hacked posts, he had no evidence of Niland’s wrongdoing, said Smit.
“Arguably, an insurer can also rely on unlawfully obtained evidence to defeat a fraudulent claim,” he said.
Smit said that this raises issues where a fraudulent claimant is obviously acting dishonestly and the only way the insurer can prove it is by accessing information unlawfully.
“Should the rest of us have to pay higher premiums because Jane Soap faked a knee injury and then used her pay-out to go skiing? Surely not.”
“It is an intriguing debate, but in the meantime, you might want to re-evaluate your online and in-app activity and decide what sort of privacy you expect to enjoy.”