On 25 May 2018, the EU’s new General Data Protection Regulation (GDPR) will come into force. While the regulations are aimed at protecting EU citizens and residents, its reach will be global and will impact on certain businesses operating in South Africa. The GDPR replaces the Data Protection Directive and is far-reaching, imposing additional obligations … Continue reading
A jury in England has found four individuals and the firm providing loss adjusting and claims management services guilty on charges of unlawfully disclosing personal data that was illegally obtained regarding the financial information of a number of individuals including details of their banking transactions. The firm used private investigators who obtained and disclosed the … Continue reading
The functions of the Information Regulator include: to provide education about the Protection of Personal Information Act, for example, giving advice to data subjects in the exercise of their rights; to monitor and enforce compliance with POPI; to consult with interested parties; to handle complaints; to conduct research and to report to Parliament; to issue … Continue reading
The Department of Health in South Africa has recognised that one of the reasons for the failure to achieve ‘Health for All’ as envisioned by the Alma Ata Declaration is the failure to address health systems effectively. In line with their intention to prioritise access to medicines and vaccines the department launched self-service medicine-dispensing machines … Continue reading
The use of technology in the health sector is on the rise. The intersection of these two industries leads to interesting legal questions relating to digital risk, including big data analytics, data security and privacy. In his budget speech on 10 May 2016, Minister Aaron Motsoaledi discussed the following interesting medical technology initiatives being undertaken … Continue reading
Cybercrime happens at the speed of broadband with criminals able to easily move the tools of their activities from one location to another. Successfully combatting cybercrime therefore requires real time detection and investigation, often by different agencies in different countries. Cybercrime has exploded internationally in the past several years in tandem with the surge of … Continue reading
Each device which accesses the internet is allocated a unique number (Internet Protocol or IP address) by its internet service provider (ISP). A record is created each time this IP address accesses a webpage, including the date, time and URL (website address) accessed. These records are stored by the ISP. ISPs are prohibited from providing … Continue reading
The proliferation of data gives rise to two challenges: Companies need to manage the vast amounts of data they now control and turn it to useful purposes. The availability of so much data has been an ideal environment for an explosion of various forms of cybercrime. Data The role of data scientists and analytic technology … Continue reading
South Africa’s Protection of Personal Information Act 2013 (POPI) is largely based on the principles of the EU data protection directive. This includes the requirement that personal information must be adequately protected when transferred cross-border (assuming none of the other grounds apply). As the US does not have privacy laws equivalent to the EU it … Continue reading
You are responsible for your information. It is important to understand how your information is being used. LinkedIn updated their privacy policy and user agreement on 23 October 2014. It is easier to read and understand in comparison to earlier versions. If you read through the policy it will give you an understanding of the … Continue reading
We often hear complaints about the additional red tape that compliance with the Protection of Personal Information Act, 2013 (POPI) will impose on business. Although compliance will be a continual process, it should not be viewed as an impractical or overly burdensome task. POPI is not aimed at restricting business and should be applied practically. … Continue reading
We have published a handy ten things to know about the Protection of Personal Information Act (POPI). We look briefly at issues such as how POPI applies to your organisation, direct marketing, cross-border transfers, notification of data breaches and enforcement. Once the act and regulations are brought into force you will have a year to … Continue reading
When you delete your Twitter account: You need to deactivate your account using your account settings. Your account should be deactivated within a few minutes, but some content may be viewable for a few days. Data is only retained for 30 days from date of deactivation after which it is deleted. Twitter retains its licence … Continue reading
After much anticipation, an important milestone in the road to commencement of the Protection of Personal Information Act, 2013 (POPI), has been reached. From 11 April 2014, the following sections of POPI are operational: Section 1, which contains the definitions and sets out the purpose of POPI; Part A of Chapter 5 (sections 39 to 54), … Continue reading