Privacy Law

CHALLENGES TO POPIA COMPLIANCE AND ENFORCEMENT

It has been a few months since the grace period for the coming into full operation of the Protection of Personal Information Act, 4 of 2013 (“POPIA”) lapsed.  The hype and frenzy around POPIA compliance is slowly dying down.  This may be because most organisations have taken the steps to ensure they are POPIA compliant or they are ‘testing the [...]

THIS MEETING IS BEING RECORDED: DO YOU HAVE TO CONSENT TO IT?

The use of video conferencing tools have surged with the COVID-19 pandemic.  When organising virtual meetings, meeting organisers frequently request from attendees their consent to use the recording functionalities as it is convenient to prepare minutes, keep accurate records of the meetings and easier to share with colleagues who might not have been able to attend the meetings.  There is [...]

Should contracting parties include a cybersecurity clause?

Cyber attacks are fast becoming the norm in our society.  The COVID-19 pandemic has accelerated this with a 485% increase of ransomware reported in 2020.  A cyber attack to an organisation’s system impacts more than just an organisation.  The impact can extend to clients, suppliers, contractors, and employees.  A cyber attack is even worse in instances where personal data is [...]

Cyber attacks and reporting obligations under POPIA

The month of October, known as the Cybersecurity Awareness Month, comes at a time when South Africa is reeling from the effects of a plethora of security breaches and cyber attacks that have plagued the country since the beginning of 2021.  The most recent security breaches and cyber attacks targeted Transnet and the Department of Justice and Constitutional Development.  Section [...]

NEW EU SCC’s: IMPACT ON SOUTH AFRICAN BUSINESS

On 4 June 2021, the European Commission adopted two new sets of Standard Contractual Clauses (“2021 SCCs”). The 2021 SCC’s will replace the old SCC’s adopted in 2010.  The adoption of new SCC’s is to reflect the changes to European Union (“EU”) data privacy law, under the General Data Protection Regulation 2016/679 ("GDPR") and the Schrems II decision((Case C-311/18 Data Protection Commissioner [...]

International Day for Universal Access to Information 2021

Today, 28 September 2021, the world commemorates International Day for Universal Access to Information. It was declared by the United Nations Educational, Scientific and Cultural Organisation on 17 November 2015 and adopted by the United Nations General Assembly on 28 September 2019.  This day highlights the importance of access to information laws, and their implementation worldwide in order to promote [...]

By | 28th September, 2021|4IR, Data Protection, PPM Attorneys, Privacy Law, Technology Law, Telecommunications Law|

WhatsApp fines under the GDPR: A wake up call for businesses to comply

What happened with WhatsApp? The case that Max Schrems filed against WhatsApp back in December 2018 has been finalized at last.  WhatsApp was recently fined by the Irish Data Protection Commission an amount of 225 million Euros, which is over 3,7 billion Rands.  The Irish Data Protection Commission (DPC) is the equivalent of the Information Regulator in South Africa. The [...]

By | 10th September, 2021|4IR, Data Protection, GDPR, IT Law, PPM Attorneys, Privacy Law, Social media law, Technology Law|

Update: New PAIA Regulations

On the 27 August 2021, the Department of Justice published new regulations relating to the Promotion of Access to Information Act (“PAIA”).  The new regulations impose additional obligations on Information Officers.  Additional obligations are as follows: PAIA Guide Entities that are required to have a PAIA manual must ensure that they keep a copy of the Section 10 guide in [...]

By | 3rd September, 2021|4IR, PPM Attorneys, Privacy Law, Regulatory and Governance, Technology Law|

A step towards POPIA compliance – Vendor Management

In terms of the Protection of Personal Information Act, 4 of 2013 (“POPIA”), a Responsible Party must comply with POPIA 8 conditions for lawful processing of personal information.  As a business, you may engage the services of other service providers and vendors.  If such third parties are processing personal information on behalf of your business, they are called Operators.  It [...]

By | 7th July, 2021|4IR, Data Protection, PPM Attorneys, Privacy Law, Technology Law|

The New WhatsApp Privacy Policy – What you need to know

The changes to the WhatsApp privacy policy and terms sparked a worldwide uproar with many users migrating to other messaging platforms out of data privacy and security concerns.  This article addresses the above concerns by explaining the new changes and what social media users need to know before moving on to other platforms. What are the changes? In an effort [...]

By | 26th January, 2021|4IR, Data Protection, Media Law, PPM Attorneys, Privacy Law, Social media law|