Tag archives: POPI

UK loss adjusters guilty of breach of data protection

A jury in England has found four individuals and the firm providing loss adjusting and claims management services guilty on charges of unlawfully disclosing personal data that was illegally obtained regarding the financial information of a number of individuals including details of their banking transactions. The firm used private investigators who obtained and disclosed the … Continue reading

Information Regulator makes first statement about unlawful processing

Although the Information Regulator is not yet fully operational, it has already received numerous complaints relating to the unlawful processing of personal information under the Protection of Personal Information Act 2013 (POPI). POPI itself is not yet fully in force. We are currently awaiting publication of a revised draft of the regulations following the closure … Continue reading

POPI regulations published for comment

The Information Regulator published draft regulations under the Protection of Personal Information Act 2013 (POPI) for public comment by 7 November 2017. The regulations cover various procedural items, including: the manner of objecting to the processing of personal information; requests for correction or deletion of personal information; the application form for industry codes of conduct; … Continue reading

Petya or NotPetya – under POPI you must report

Barely recovering from the WannaCry ransomware attack, many across the globe now have to deal with the latest ransomware attack, NotPetya. Originally thought of to be the Petya ransomware for making money, security analysts quickly realised that the current cyber-attack was not designed to make money. It appears that NotPetya has actually just been designed … Continue reading

Information Regulator – more than a POPI regulator

In her latest briefing session on 13 February 2017, advocate Pansy Tlakula, Chairperson of the Information Regulator, elaborated on the work that the office of the Information Regulator will be focused on and the progress they have made thus far, namely: Commencement date The Department of Justice informed the members of the Information Regulator that … Continue reading

Information Regulator held its inaugural meeting on 1 December 2016

According to a media statement issued by the Chairperson of the Information Regulator, Advocate Pansy Tlakula, the Information Regulator’s office held its inaugural meeting on 1 December 2016 at Salu Building in Pretoria. During the meeting the following responsibilities were allocated to the full-time members: Adv Collen Weapond has been designated as the full-time member responsible … Continue reading

POPI Regulator to commence duties on 1 December 2016

The functions of the Information Regulator include: to provide education about the Protection of Personal Information Act, for example, giving advice to data subjects in the exercise of their rights; to monitor and enforce compliance with POPI; to consult with interested parties; to handle complaints; to conduct research and to report to Parliament; to issue … Continue reading

Members of Information Regulator for POPI voted by Parliament

On Wednesday, 7 September 2016, the National Assembly approved the nomination of advocate Pansy Tlakula as the Chairperson of the Information Regulator for the Protection of Personal Information Act 2013 (POPI). Four other appointments that were approved – full-time members Advocate Lebogang Stroom and Johannes Weapond; and part-time members Professor Tana Pistorius and Sizwe Snail. … Continue reading

Medical technology initiatives announced in Health Minister’s budget speech

The use of technology in the health sector is on the rise.  The intersection of these two industries leads to interesting legal questions relating to digital risk, including big data analytics, data security and privacy. In his budget speech on 10 May 2016, Minister Aaron Motsoaledi discussed the following interesting medical technology initiatives being undertaken … Continue reading

Prepare for POPI – regulator shortlist

On Wednesday, 13 April 2016, ten shortlisted candidates were named by the Portfolio Committee on Justice and Correctional Services for five positions within the Information Regulator established in terms of the Protection of Personal Information Act 2013 (POPI). The shortlisted candidates are: Advocate Pansy Tlakula Mr Johannes Weapond Mr David Taylor Adv Lebogang Stroom Mr … Continue reading

Can you be traced through your internet activity?

Each device which accesses the internet is allocated a unique number (Internet Protocol or IP address) by its internet service provider (ISP). A record is created each time this IP address accesses a webpage, including the date, time and URL (website address) accessed. These records are stored by the ISP. ISPs are prohibited from providing … Continue reading

South African perspective on ECJ ruling that Safe Harbo(u)r is invalid

South Africa’s Protection of Personal Information Act 2013 (POPI) is largely based on the principles of the EU data protection directive. This includes the requirement that personal information must be adequately protected when transferred cross-border (assuming none of the other grounds apply). As the US does not have privacy laws equivalent to the EU it … Continue reading

POPI Information Regulator to be appointed

An agreement has been reached between the justice department and national treasury regarding the salary grading for the Information Regulator. The nomination process in the Protection of Personal Information Act, 2013 (POPI) for appointment of the Regulator will soon be initiated. Section 41 requires a multi-party committee of the National Assembly to assist with the … Continue reading

3 reasons why POPI is good for South Africa

We often hear complaints about the additional red tape that compliance with the Protection of Personal Information Act, 2013 (POPI) will impose on business. Although compliance will be a continual process, it should not be viewed as an impractical or overly burdensome task. POPI is not aimed at restricting business and should be applied practically. … Continue reading

Protection of Personal Information Act: Ten things to know

We have published a handy ten things to know about the Protection of Personal Information Act (POPI). We look briefly at issues such as how POPI applies to your organisation, direct marketing, cross-border transfers, notification of data breaches and enforcement. Once the act and regulations are brought into force you will have a year to … Continue reading

POPI takes its first steps

After much anticipation, an important milestone in the road to commencement of the Protection of Personal Information Act, 2013 (POPI), has been reached. From 11 April 2014, the following sections of POPI are operational: Section 1, which contains the definitions and sets out the purpose of POPI; Part A of Chapter 5 (sections 39 to 54), … Continue reading
LexBlog