The Protection of Personal Information Bill (Bill) has finally been passed by the National Assembly on 20 August 2013 and will now be submitted to the President for signature once it has been translated into Afrikaans.
“The Bill has solicited significant and lengthy debate amongst citizens and corporate South Africa since it was first introduced in Parliament in 2009. The Bill regulates data protection and privacy in South Africa and will, upon promulgation, impose a number of stringent obligations on all persons which in any manner process (defined under the Bill to include the collection, receipt, recordal, organisation, collation, storage, updating, alteration or modification, retrieval, consultation, use, dissemination, distribution, merging, linking, erasure or destruction) personal information,” explains Simone Gill, Director in the Technology, Media and Telecommunications practice at Cliffe Dekker Hofmeyr.
Gill explains, “As promulgation is now imminent, it is essential for all persons, including private and public entities, to initiate awareness workshops and to conduct detailed due diligence exercises in order to assess their current levels of compliance with the Bill and determine which steps are to be taken to ensure compliance, failing which they may find themselves being subject to criminal sanction and civil liability. Although the Bill does allow for a one year transition period, the obligations imposed are extensive and will take time and effort to implement.”