Despite being written 17 years ago, the Protection of Personal Information (POPI) Act has been requested by the Information regulator to come into effect this year.
While POPI was signed in 2013, many of its provisions have not come into effect. As a result, the Information Regulator has asked President Cyril Ramaphosa to declare the remaining provisions of the act.
The act outlines wide protections for consumers against actions such as spam calls and data theft.
While spam calls are a small annoyance, South Africa is actually one of the most spammed countries in the world. According to a 2019 TrueCaller report, the country ranks the 4th most spammed.
In addition, South Africa has experienced a number of data breaches in 2019 alone, proving the commencement of the act is needed to ensure all sectors are collecting, storing and distributing data responsibly.
According to Pansy Tlakula, chairperson of the Information Regulator of South Africa, the new act will give the regulator enforcement powers allowing them to levy fines and pursue criminal prosecution.
This will assist in providing protection from unwelcome calls but this protection will not extend to information posted online. These new regulations under the POPI Act will help to ensure that companies have proper measures in place when dealing with private information.
Businesses will get a one-year grace period, during which time they have to make the changes necessary to comply with the act.
It is expected to commence on April 1, 2020.