Deep Dive Data — Independent data journalism, Harare
Data Rights & Breach Law · June 3, 2026On June 3, EcoCash's account was hijacked for over seven hours. Customer names, national IDs, account numbers, and transaction references were accessible to the attacker. Zimbabwe's Cyber and Data Protection Act sets a strict response clock. The 24-hour POTRAZ deadline has passed with no confirmed action.
InnBucks links 7 data types to your identity. Some apps share location data with third-party advertisers. Most users have never seen this information in one place.
Five years of IPEC data on EcoSure: how a product used by over a million policyholders was built to profit from the people who left without claiming.
Read InvestigationLiquid Home charges a monthly modem insurance fee that most subscribers never agreed to. We calculated what that adds up to across their entire subscriber base.
Read InvestigationA database of Zimbabwean banking and fintech apps rated by data collection practices — what they take, what they share, and who's watching.
Read InvestigationA live compliance clock tracking Zimbabwe's mandatory breach notification window — 24-hour POTRAZ deadline already passed with no confirmed action.
Read InvestigationIndependent analysis on Zimbabwe's financial sector, digital rights, and public accountability — straight to your inbox.
No spam. Unsubscribe any time.
