Most Read Contributor in South Africa, September 2016
As we previously reported, the Protection of Personal
Information Act 4 of 2013 ("POPI") was signed into law in
November 2013. Those provisions which deal with the establishment
of the Information Regulator came into effect on 11 April 2014.
Expectations are that the President will proclaim the rest of
the provisions of POPI into effect once the Information Regulator
has been established.
The ball got rolling on the appointment of the Information
Regulator in April 2015, when Parliament requested that the
nomination of five candidates for this position be submitted to the
Portfolio Committee on Justice and Correctional Services (by 14
August 2015). On 11 November 2015, the Portfolio Committee met to
discuss the appointment of the Information Regulator. They then
called for a workshop with the relevant stakeholders to discuss the
importance of POPI, its relationship with legislation such as the
Promotion of Access to Information Act and the Protection of State
Information Act, and whether the Act provides sufficient protection
to those in rural areas.
It is unclear why Parliament decided on a workshop and if the
resultant delay in the commencement of the balance of the Act is
truly warranted. Many organisations are not yet compliant with
POPI, and such a workshop would arguably afford them more time and
could also abate some of the challenges faced by them in becoming
compliant. Small to medium enterprises, particularly those that
rely on the processing of personal information to generate
business, have been identified as a category that will be hard hit
by the costs of complying with POPI. However, most of the issues
earmarked for discussion at the workshop were already discussed in
the legislative process leading up to the promulgation of POPI in
Any issues that such a workshop may seek to address or clarify
prior to the commencement of the balance of the Act, could arguably
be addressed in the 12 month grace period the Act affords to
organisations to become compliant with the Act (once enacted in its
entirety). Rather than delaying the commencement of the core of
this much-needed piece of legislation, the grace period could be
extended to assist organisations that are not yet compliant, or
foresee difficulties with implementation.
2015, therefore, saw very little development in relation to the
announcement of a commencement date for the balance of the Act, and
there is currently no indication when this will be.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The Nigerian Communications Commission (NCC) has concluded plans to introduce Lawful Interception (LI); a legally sanctioned official access to private communications, such as telephone calls or email messages
After 10 years of debate, South Africa’s President Jacob Zuma has finally signed South Africa’s first framework privacy bill into law, the Protection of Personal Information Bill.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).