Ф franciscronje.com

  • Home
  • Services
  • POPIA
  • About
  • POPIA WORKSHOPS
  • Blog
  • Referrals
  • Contact
  • Terms of Use

POPI Bill presented to Portfolio Committee

6/20/2012

0 Comments

 
The technical working committee presented its 7th and final draft of the POPI (Protection of Personal Information) Bill to the Portfolio Committee at Parliament on the 19th of June 2012.

During the presentation particular reference was made to the definition of a child and the Regulator's potential role concerning exceptions to the rule pertaining to the processing of childrens' personal information.

At this point in time no real consensus exist as to whether a child's age in terms of the proposed legislation should be a person under 13 (thirteen), or a person under the age of 18 (eighteen). This would in effect imply that a person (the responsible party) processing personal information may not process personal information relating to any  person (data subject) under any of the given ages (depending on which age consensus would have  been reached to establish whether he or she  is a child or not), unless the responsible party have met certain criteria.

In other words, a social networking site domiciled in South Africa for example, would for instance be prohibited from processing individuals' personal information if such individuals are considered to be children (either under 13 or under 18) in terms of the proposed legislation. An exception would be if the Regulator would permit them to do so under special circumstances and after the responsible party have submitted an applictation. Consent from a competent person might also justify the processing, for instance where the child's parent or guardian has granted his or her consent. But in today's age of technological advances and equally savvy kids, this might prove probelematic to enforce.

Interesting enough is that the EU in its new regulations have defined the age of a child as somebody under the age of 13 (thirteen).

Another area that was debated was whether processing notification to the Regulator by a Resonsible Party should be made an obligation in terms of the proposed Act. This was raised specifically to highlight the proposed changes or regulations in the EU where notification has been abolished to be replaced by a mechanism where the Responsible Party itself will retain certain documentation to illustrate its processing. The Technical Working Committee will report back with its own findings on this issue.

The Bill still seems on target to be promulgated before the end of 2012.

A copy of the latest version of the POPI Bill can be downloaded here.




0 Comments



Leave a Reply.

    Author

    Francis Cronje is an Information Governance specialist and provides insight from a legal and governance perspective on a wide range of topics in the Information and ICT sphere, including matters pertaining to the Protection of Personal Information (POPI) / Data Protection / Privacy, Information Security and other related topics.

    View my profile on LinkedIn
    Follow @franciscronje

    Archives

    September 2017
    January 2016
    September 2015
    July 2015
    May 2014
    February 2014
    November 2013
    August 2013
    July 2013
    June 2013
    May 2013
    March 2013
    January 2013
    November 2012
    September 2012
    August 2012
    June 2012
    April 2012
    March 2012
    February 2012
    January 2012
    September 2011

    Categories

    All
    Corporate Governance
    Data Protection
    Developing Countries
    Ict
    Information Security
    Ncop
    Popi
    Privacy
    Protection Of Personal Information
    South Africa
    Zuma

    RSS Feed

  • Home
  • Services
  • POPIA
  • About
  • POPIA WORKSHOPS
  • Blog
  • Referrals
  • Contact
  • Terms of Use