Most Read Contributor in South Africa, September 2016
To give effect to the constitutional right to privacy, on 20
August 2013, the National Assembly passed the Protection of
Personal Information Bill (B9D of 2009), which is largely based on
the European Data Protection Directive (to be replaced in due
course by the stricter General Data Protection Regulation). The
Bill was signed into law by the President on 19 November 2013 and
was gazetted as the Protection of Personal Information Act 4 of
2013 ("POPI") on 26 November 2013.
As mentioned in a previous
ENSight, POPI will come into force on a date to be determined
by the President by proclamation in the Gazette. Certain provisions
relating to the establishment of the Information Regulator
("Regulator") and the making of regulations under POPI
were brought into force on 11 April 2014.
Although nominations for the appointment of the Regulator were
called for last year, no appointment has yet been made and draft
regulations have not yet been published. On 11 November 2015, a
parliamentary "workshop" was convened to consider and
debate the role of the Regulator. Parliament has now called for a
further workshop to be held this year.
It is probably fair to presume that the Regulator will only be
appointed and draft regulations will only be published after this
workshop. With local government elections in May 2016, we
anticipate that the POPI commencement date will be in the second
half of 2016.
Until we receive credible feedback from Parliament and the
Minister, a great deal of uncertainty remains. One thing is,
however, clear: given the global trend towards stricter
data-protection regulation, POPI is not going away and companies
are well advised to get their "data houses" in order
before the POPI rush.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
This is the second bulletin published by Clyde & Co's Commercial Group relating to data protection and privacy in the Middle East.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).