The much anticipated and deeply needed Protection of Personal Information Act, 2013 (“POPIA”), which gives effect to the constitutional right to privacy in South Africa, will soon be commence.
Certain provisions of the Act, including those relating to the establishment of the Information Regulator, were implemented in April 2014. Several of the remaining sections could only be put into operation at a later stage as they required a state of operational readiness for the Information Regulator to assume its powers, functions and duties in terms of POPIA.
The commencement of the remaining sections have now been proclaimed by the President of South Africa as follows:
- Sections 2 to 38, sections 55 to 109, section 111 and section 114 (1), (2) and (3) will commence on 1 July 2020. These are the essential parts of POPIA and pertain to:
- the conditions for lawful processing of personal information,
- the regulation of the processing of special personal information;
- Codes of Conduct issued by the Information regulator;
- procedures for dealing with complaints;
- provisions regulating direct marketing by means of unsolicited electronic communication, and general enforcement of the Act.
- Sections 110 and 114(4) will commence on 30 June 2021. These sections pertain to the amendment of laws and the effective transfer of functions of the Promotion of Access to Information Act, 2000 (“PAIA”) from the South African Human Rights Commission to the Information Regulator.
What does this mean? In terms of POPIA, all organisations must be POPIA compliant by 1 July 2021, but should attempt to comply with the provisions of POPIA as soon as possible. As a start, here are some points to consider:
- the appointment of an information officer;
- what should the compliance framework look like;
- updating contracts;
- drafting and then implementing the right policies; and
- establishing the appropriate controls and processes to ensure the compliance framework is effective.
For further analysis of privacy legislation and compliance, please refer to our privacy in brief newsletters. Our recent POPIA “must haves” article elaborates on ENSafrica’s POPIA toolkit.
Feel free to contact us about how we can help you on the POPIA compliance journey.
Ridwaan Boda
Executive | Technology, Media and Telecommunications
rboda@ENSafrica.com
+27 83 345 1119
Wilmari Strachan
Executive | Technology, Media and Telecommunications
wstrachan@ENSafrica.com
+27 82 926 8751
Era Gunning
Executive | Banking and Finance
egunning@ENSafrica.com
+27 82 788 0827
Rakhee Dullabh
Senior Associate | Corporate Commercial
rdullabh@ENSafrica.com
+27 82 509 6565