Data Protection

SHEBURI V RAIL SAFETY REGULATOR – APPLICATION OF POPIA

On 2 March 2022, the CCMA handed down a ruling relating to an unfair labour practices dispute.  The applicant, an employee of the Rail Safety Regulator (the respondent), alleged that she was excluded from receiving benefits that were due to her which other employees were entitled to.  The respondent raised a point in limine objecting that the applicant’s bundle of [...]

By , | 24th March, 2022|Compliance Law, Data Protection, Dispute resolution, POPIA, Privacy Law|

Two first decisions on Google Analytics’ data transfers to the US

Following the “Schrems 2” decision from the Court of Justice of the European Union (CJEU) on 16 July 2020 invalidating the privacy shield((The Court of Justice invalidates Decision 2016/1250 on the adequacy of the protection provided by the EU-US Data Protection Shield (europa.eu).)), the European Data Protection Authorities (DPAs) are now taking the first “real world” decisions.   A few [...]

POPIA and Prior Authorisation

On 1 February 2022, section 58 (2) of the Protection of Personal Information Act, 4 of 2013 (POPIA) came into full operation.  This section relates to application for prior authorisation. What is prior authorisation and when should a Responsible Party apply for one? In instances where a Responsible Party is involved in processing certain types of information, they may need [...]

By | 7th March, 2022|Compliance Law, Data Protection, Information Security, POPIA, Privacy Law|

The importance of social media policies in schools

INTRODUCTION Social media refers to forms of electronic communication through which users create online communities to share information, ideas, personal messages, videos and other content.  Since the beginning of the COVID-19 pandemic, social media has proven to be a useful tool through which teachers and learners can communicate.  This enables  them to facilitate learning while adhering to the social distancing [...]

By | 7th March, 2022|Child law, Data Protection, GDPR, Information Security, Social media law|

VIRTUAL COMMISSIONING IN SOUTH AFRICA

In South Africa, commissioners of oaths are regulated by the Justices of The Peace and Commissioners of Oaths Act (“the Act”).((No. 16 of 1963.))  In terms of the Act, and under normal circumstances, Commissioners of Oaths are required to verify the identity of the person making the sworn statement, they have to ensure that the documents annexed to the affidavit [...]

By | 7th March, 2022|4IR, Commercial Law, Contract Law, Cybersecurity, Data Protection, IT Law, Legal Practice|

WHY THE DEPARTMENT OF BASIC EDUCATION’S CAPITULATION ON THE PUBLISHING OF MATRIC RESULTS IS A TRAVESTY

The Pretoria High Court, today, granted an urgent interdict compelling South Africa’s Department of Basic Education (“the Department”) to publish matric results on various media platforms.  This was after the Department announced, on 10 January 2022, that it would no longer permit matric results to be published on public media platforms. The Department’s failure to oppose the interdict is a [...]

By | 27th January, 2022|Child law, Compliance Law, Data Protection, Privacy Law|

Privacy implications of wearable technologies – the case of smart glasses

Introduction The Internet of Things (“IoT”) refers to the interconnection via the internet of computing devices embedded in everyday objects, enabling them to send and receive data.  The IoT has become one of the most important emerging technologies.  There are various devices that form part of the IoT, including wearable technologies. As it stands there is no universally agreed upon [...]

By | 27th January, 2022|Compliance Law, Cybersecurity, Data Protection, Information Security, Privacy Law|

How to avoid sanctions under POPIA

With the coming into full operation of the Protection of Personal Information Act, 4 of 2013 (POPIA), we have been receiving questions from clients regarding the implementation of the POPIA sanctions.  We noticed that a lot of people are confused on when POPIA sanctions can be imposed on a business, organisation or individual acting as responsible parties.  For example, if [...]

Measures your organisation can take to comply with condition 7 of POPIA

As more organisations move towards becoming compliant with the Protection of Personal Information Act (“POPIA”), many organisations are looking for a tailored solution to suit their business needs and to better protect the personal information that they hold.  Although condition 7 of POPIA does not stipulate the exact measures that must be taken, it requires that the responsible party must [...]

By | 26th January, 2022|Commercial Law, Data Protection, IT Law, Privacy Law, Technology Law|

CHALLENGES TO POPIA COMPLIANCE AND ENFORCEMENT

It has been a few months since the grace period for the coming into full operation of the Protection of Personal Information Act, 4 of 2013 (“POPIA”) lapsed.  The hype and frenzy around POPIA compliance is slowly dying down.  This may be because most organisations have taken the steps to ensure they are POPIA compliant or they are ‘testing the [...]