South Africa: Data protection rules in Protection of Personal Information Act (POPIA)

On 1 July 2021, the Protection of Personal Information (POPIA) was fully implemented after Section 58(2) came into effect. Adopted in 2013, the POPIA applies to public and private “responsible parties” that process personal information (e.g. collect…

The South African Information Regulator published the guidance on awarding exemptions from the conditions for the lawful processing of personal data. Exemptions may be granted to processors who can demonstrate that processing personal information is…

The Information Regulator has confirmed that the deadline for the registration of Information officers and Deputy Information Officers has been lifted and no responsible party, meaning any person (individual or entity) that determines the means for …

The operative provisions of the Protection of Personal Information Act (2013) including a new data protection regime come into effect after a one-year grace period following proclamation No. R21 in 2019. The Act introduces the rights to rectify, del…

On 20 August 2013, the Protection of Personal Information Bill (B9-2009) was adopted after being passed by both Houses of the National Assembly. The Bill requires entities to obtain consent for the processing of personal information, enabling justi…

On 24 August 2009, the Protection of Personal Information Bill (B9-2009) was introduced to the National Assembly. The Bill requires entities to obtain consent for the processing of personal information, enabling justifications such as contractual pe…