Ф franciscronje.com

  • Home
  • Services
  • POPIA
  • About
  • POPIA WORKSHOPS
  • Blog
  • Referrals
  • Contact
  • Terms of Use

POPI approved by National Assembly

8/19/2013

1 Comment

 
After years of hard work by the South African Law Reform Commission, the Department of Justice, the Portfolio Committee for Justice and Constitutional Development and its Technical Working Committee, we can now at last say that the POPI Bill will soon be referred to as the POPI Act. Today, the 20th of August 2013, the National Assembly voted in favour of the Bill, leaving it only up to the President and his Constitutional Advisors, before the President himself, Mr. Zuma, puts his final signature on the Bill, enacting it into legislation.

The Protection of Personal Information Bill or more commonly referred to as POPI, has far reaching consequences for any entity or individual that processes (i.e. collects, handles, retrieves, stores,retains, destroys, deletes etc.) personal information. POPI makes provision for 8 conditions a company, organisation or person has to comply with if it intends on processing personal information lawfully.

With the fast and ever-increasing rate of growth in the technology sector, and more specifically the Information and Communications Technology (ICT) sector, the privacy or protection of personal information is becoming more and more relevant to every online individual's day to day life.

With geo-location and / or -tagging, IP address identification, web-cookies, Facebook and other social networking profiles, various mobile platforms, cloud computing, sharing of information and the targeting of all this information by big corporates or entities for targeted sales, the world has become a much smaller place, necessitating the protection of personal information.

Gone are the days where only your name, address and ID number are considered personal information. Today, as exampled above, a wide array of bits of data can be stringed together to infiltrate our privacy.

However, as with most developing countries, access to the internet in South Africa is still limited.

BUT, a thriving mobile industry has given large entities ample opportunity to exploit the privacy of mobile users who do not necessarily have other forms of communication, sometimes leaving them incurring unnecessary costs through unwanted subscriptions and / or misleading advertising.

POPI will inter alia, amongst many other things, try to regulate these forms of exploitation. It will also enforce entities to establish the necessary security safeguards surrounding the processing of personal information.

For the first time we will have legislation that enforces entities to utilise appropriate Information Security standards.

It will further try to curtail localised spamming, it will combat ID theft and hopefully open certain trade barriers by establishing South Africa as a country with adequate data protection legislation.

The Act will aslo create better transparency so that individuals or data subjects whose personal information (PI) is utilised, would be able to understand what their PI is being used for, how it is distributed, and why they have to hand over certain pieces of PI, where it might be deemed as unnecessary.

Data subjects will also have more control over their own information and be able to correct, rectify or request deletion of their PI.

Organisations in turn should therefore ensure that they make enough provision to enable their own enforcement of the 8 POPI conditions.

POPI implementation is organisation wide and touches on every department or business unit within companies, schools, hospitals, mines, car dealerships, estate agencies, universities, insurance and banking houses, couriers and smaller entities such as doctor practices, attorneys, faxing and copying companies to name but a few.

It is complex (spanning across all formats, media or records), yet achievable, but sideline sitting and a wait and watch approach will land any entity, irrelevant of size or shape, eventually in merky regulatory water.


1 Comment

    Author

    Francis Cronje is an Information Governance specialist and provides insight from a legal and governance perspective on a wide range of topics in the Information and ICT sphere, including matters pertaining to the Protection of Personal Information (POPI) / Data Protection / Privacy, Information Security and other related topics.

    View my profile on LinkedIn
    Follow @franciscronje

    Archives

    September 2017
    January 2016
    September 2015
    July 2015
    May 2014
    February 2014
    November 2013
    August 2013
    July 2013
    June 2013
    May 2013
    March 2013
    January 2013
    November 2012
    September 2012
    August 2012
    June 2012
    April 2012
    March 2012
    February 2012
    January 2012
    September 2011

    Categories

    All
    Corporate Governance
    Data Protection
    Developing Countries
    Ict
    Information Security
    Ncop
    Popi
    Privacy
    Protection Of Personal Information
    South Africa
    Zuma

    RSS Feed

  • Home
  • Services
  • POPIA
  • About
  • POPIA WORKSHOPS
  • Blog
  • Referrals
  • Contact
  • Terms of Use