Certain sections of the Protection of Personal Information Act come into force

14th April 2014

Certain sections of the Protection of Personal Information Act come into force

The President of South Africa (President) proclaimed that certain sections of the Protection of Personal Information Act, No. 4 of 2013 (POPI) came into force on Friday (11 April 2014), including:

It is important to note that section 114, which deals with transitional arrangements around POPI, has not come into force. This means that the 12 month grace period to ensure compliance with the provisions of POPI has not yet commenced.

It is however clear that Government is starting to take steps to implement POPI and it is possible that an announcement about the commencement of section 114 (and other sections) may follow later this year. Parties will have a one year grace period from the commencement of section 114 to ensure compliance with the provisions of POPI, unless this grace period is extended as allowed by POPI.

We anticipate that the steps required to appoint the Chairperson and the members of the Information Regulator will now commence. These individuals are appointed by the President on the recommendation of the National Assembly.

POPI is a ground-breaking piece of legislation and has significant and far reaching consequences for all companies and businesses that process the personal information of individuals or of juristic persons (such as other companies, close corporations, trusts and the like). This impacts all companies and businesses that process information relating to employees, customers, suppliers and other third parties.

Time is of the essence and businesses should immediately start taking steps to ensure that they are compliant with POPI by the end of the grace period. Compliance with POPI will be complex, time-consuming and will require careful planning and the allocation of considerable resources.

Written by Robby Coelho and Esti Louw, Webber Wentzel