RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://en.wikipedia.org/wiki/Protection_of_Personal_Information_Act,_2013 below:

Protection of Personal Information Act, 2013

From Wikipedia, the free encyclopedia

Protection of Personal Information Act, 2013 Long title

Act to promote the protection of personal information processed by public and private bodies; to introduce certain conditions so as to establish minimum requirements for the processing of personal information; to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000; to provide for the issuing of codes of conduct; to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; to regulate the flow of personal information across the borders of the Republic; and to provide for matters connected therewith.

Citation Act No. 4 of 2013 Territorial extent Republic of South Africa Enacted by Parliament of South Africa Assented to 19 November 2013 Commenced 1 July 2020

Status: In force

South African privacy legislation

The Protection of Personal Information Act (PoPIA or the PoPI Act) is a piece of legislation which governs the law of data protection and privacy in South Africa.^[1] The act was passed to regulate the right to privacy, as enshrined by section 14 of the Constitution of South Africa, and would work in conjunction with the Promotion of Access to Information Act. The President of South Africa assented to the Act on 19 November 2013. As part of the regulation a new government agency was created, the Information Regulator,^[2] an independent body which is empowered to monitor and enforce compliance of the PoPI Act within the public and private sector. The act came into force 1 July 2020, which commenced a one-year grace period during which all South African entities were expected to become compliant. The grace period ended 30 June 2021, with the commencement of the act on the 1 July 2021.^[3]^[4]^[5]

The PoPI Act sets out several core obligations.^[6] Some of the key requirements include:

Personal information can only be processed:
- with the consent of the data subject; or
- if it is necessary for the conclusion or performance of a contract that a data subject is a party to; or
- it is required by law; or
- it protects a legitimate interest of a data subject; or
- if processing is necessary for pursuing the legitimate interests of the responsible party or of a third party to whom the information is supplied.
Private and public entities must report data leaks to the affected people and the Information Regulator.
Organisations must appoint a responsible person who must ensure compliance to the PoPI Act.
Cross-border transfers of personal data are restricted.
Organisations that process personal information must ensure they satisfy minimum security obligations.
Direct marketing, the sale and use of electronic directories and automated decision making are also severely curtailed.
The act elevates the obligations placed on entities that process information regarding children, religious beliefs, race, ethnic origin, trade union membership, health, sex life, criminal behaviour and biometric information.

The PoPI Act applies to all persons and organisations within the borders of South Africa, and extends to visitors and illegal immigrants.^[7]

Penalties under the Act include fines of up to R10 million and a jail sentence of up to 10 years.^[8] In July 2023, The Information Regulator fined the Department of Justice and Constitutional Development R5 million rand.^[9]^[10]

Information Regulator Formed 1 July 2020 (2020-07-01) Jurisdiction South Africa Headquarters JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001 Agency executives

Adv. Pansy Tlakula, Chairperson
Mosalanyane Mosala, CEO

Website inforegulator.org.za Information Regulator[edit]

The Information Regulator is an independent body created in response to the PoPI and PAIA acts. It is empowered to monitor and enforce compliance of the acts within the public and private sector. It functions in terms of the two acts and is accountable to the National Assembly of South Africa.

South Africa does not yet have a formal cohesive piece of legislation in force which governs cybercrimes in South Africa. The Cybercrimes Act has been signed by the President of South Africa, and will come into force on a date to be proclaimed in the Government Gazette. The period between assent and commencement will be spent developing operating procedures and other documented processes for the implementation of provisions of the Act.^[11]

The Information Regulator

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.3