With the Protection of Personal Information Act (POPI) created to regulate the protection of personal information, an enormous impact is expected as South African businesses will soon be legally obligated to notify of any data breaches. What is expected from businesses faced with data breaches? The responsible party will have to notify the Information Regulator, as well as the data subject, should there be reasonable grounds to believe that the personal information of a data subject has been...

The General Data Protection Regulation (GDPR) was enforced on 25 May 2018 by the European Union Law and was drafted to coordinate any previous and or current legislation in one document. This means that every resident of the European Union’s (EU) right to data privacy are protected under this regulations. Any law or regulation approved by the EU are in general applicable within the member states of the European Union. It must be emphasized that the GDPR is not a South African Law and that the...

Much has been written about the Protection of Personal Information Act (POPI), its effect on direct marketing and the consequences of unlawful use and processing by responsible parties. Despite this, in the case of MiWay v King Goodwill Zwelithini, MiWay found itself under the scrutiny of the Information Regulator when a telephonic conversation between one of its sales agents and King Goodwill Zwelithini was leaked on social media. The telephone call in question was made by the sales agent to...

The Consumer Protection Act (CPA) was introduced to the consumer community in 2011, notwithstanding the phenomenon that 7 years later, the consumer still accepts that the supplier selects the recourse on the consumer’s behalf. As a consumer, you may have 3 separate potential claims available to aid yourself in a dispute with a supplier; provided that the dispute relates to unsafe, damaged or defective goods or services. These remedies are repair, replace or refund. What does the CPA say?...

Businesses face risk for liability for defective goods every day. A recent important incident is the Listeriosis outbreak that crippled businesses and suppliers in the processed meat industry. The consequences are reaching far beyond just the businesses who are directly involved - farmers who supply livestock to abattoirs, who in turn supply carcasses to the relevant businesses. Even businesses supplying packaging materials are affected. Section 61 of the Consumer Protection Act (CPA) states...

Requirements for the processing of Personal information in Terms of the POPI Act. The Protection of Personal Information Act, Act No.4 of 2013 (POPI) provides for a legal framework in terms of which information of a personal nature, held of any data subject, which includes a natural living or juristic person should be dealt with in a confidential way. The definition of personal information in the POPI Act includes amongst others any information of a date subjects race and ethnic origin, the...

Many business owners remain oblivious as to the purpose of the Protection of Personal Information (POPI) Act. If asked, these corporate bodies may admit to have a mere partially defined data protection plan in the workplace. Countless more business owners have yet to learn of the POPI Act’s existence. Recent events have highlighted data security as an ever growing concern and reiterated the need for upgraded information control measures in the workplace. The largest data breach to be recorded...

With the Protection of Personal Information (POPI) Act still on billboards and in the news, most business owners are aware of it but they are still unsure of whether they are processing personal information lawfully. You might think, “How am I going to do what the POPI Act requires from me and grow my business at the same time?” This is not only possible, but it’s not as hard as many business owners think. Where does my compliance begin? Businesses need to work systematically through their...

After the Protection of Personal Information (POPI) Act Draft Regulations were gazetted in September 2017, they are expected to be published in April 2018 after comments and suggestions were considered. The Draft Regulations are basically more detailed rules and procedures on the practical application of the POPI Act. An assessment of the Draft Regulations demonstrate that they are practical and relatively uncomplicated. What is the role of the POPI Act Draft Regulations? The Draft Regulations...