Information regulator Insights

Does the information regulator communicate with other regulators to ensure its compliance with adequate safeguarding measures?

The Information Regulator (IR) does communicate with other regulators but because each regulator has its own mandates, the IR is confined to the parameters of POPI and PAIA and anything that falls outside the four corners of these Acts will [...]

By Refilwe Motsoeneng|2024-03-22T11:37:17+02:00March 22nd, 2024|Categories: Data protection, Information regulator, POPIA|

What are the information regulator’s plans to work with other regulators in ensuring alignment in inputs on the standard frameworks and policies that will cover cybercrimes?

The initial difficulty that South Africa is facing is that it does not have a cybercrimes commission. At present, the Information Regulator works closely with the police and the Hawks but uses its own processes separate to those used by [...]

By Refilwe Motsoeneng|2024-03-22T11:28:35+02:00March 22nd, 2024|Categories: Cybercrime, Information regulator|

What role will the information regulator play in terms of the Cybersecurity Act?

The Information Regulator will have a similar role with the Cybersecurity Act as it does now when receiving data breach notifications. A data breach is usually occurring at the same time as when a cybercrime is happening. The difficulty with [...]

By Refilwe Motsoeneng|2024-03-22T11:23:09+02:00March 22nd, 2024|Categories: Cybercrime, Information regulator|

Will the information regulator issue updated guidance on prior authorisation?

The Information Regulator plans to clarify its updates on prior authorisation such as making application forms easier to use, in an upcoming guidance note. When dealing with personal information, remember to consider it in a holistic point of view. There [...]

By Refilwe Motsoeneng|2024-03-22T11:17:54+02:00March 22nd, 2024|Categories: Information regulator, POPIA|

What does the information regulator look for during a POPIA or PAIA compliance assessment?

The Information Regulator (IR) has discretion in when to assess organisations' data processing practices under both POPIA and PAIA. They follow prescribed procedures and inform applicants about the scope and reasons for the assessment. For POPIA assessments, factors considered include [...]

By Refilwe Motsoeneng|2024-03-22T11:08:04+02:00March 22nd, 2024|Categories: Access to information, Information regulator, POPIA|

What are some of the information regulator’s strategies for dealing with a criminal situation when contacting the police is not an option?

The information regulator would like to clarify that it is not a cybercrime agency and does not investigate cybercrimes. They do concede that there is a need for a cybercrime agency to assist in the regulation of cybercrimes in the [...]

By Refilwe Motsoeneng|2024-03-22T10:24:38+02:00March 22nd, 2024|Categories: Cybercrime, Information regulator|

What rules apply when sending data to EU countries?

The rules that apply to when sending data to EU countries is not straightforward. The person who is sending that data will have to make an assessment as to whether making a transfer to the intended country has the appropriate [...]

By Refilwe Motsoeneng|2024-03-22T10:03:32+02:00March 22nd, 2024|Categories: Data protection, Information regulator, POPIA|

What are the information regulator’s plans regarding AI?

While the Information Regulator (IR)'s plan is to keep an eye on international developments regarding AI regulation, AI is not an immediate priority for the Information Regulator right now. Their current focus lies on amending existing legislation like POPI and [...]

By Refilwe Motsoeneng|2024-03-26T08:23:03+02:00March 19th, 2024|Categories: Cybercrime, Information regulator, POPIA, Trustworthy AI|

What are the information regulator’s key priorities for 2024?

There are several issues that the information regulator is aiming to address this year. Still, the two key priorities are addressing concerns around AI and automated decisions and regulating cross-border transfers of personal information. AI and automated decision-making: international data [...]

By Refilwe Motsoeneng|2024-02-29T11:39:44+02:00February 29th, 2024|Categories: Information regulator, POPIA, Trustworthy AI|

How do I get prior authorisation from the regulator?
Gallery
How do I get prior authorisation from the regulator?

How do I get prior authorisation from the regulator?

If you have determined that your organisation needs to get prior authorisation, the next question is how do you apply? Who do you send the application form for prior authorisation to? It is like applying for your license - you [...]

By John Giles|2024-08-21T15:48:01+02:00September 1st, 2021|Categories: Information regulator, POPIA, Prior authorisation|

Who needs to get prior authorisation from the information regulator?
Gallery
Who needs to get prior authorisation from the information regulator?

Who needs to get prior authorisation from the information regulator?

You need prior authorisation from the information regulator if your organisations is a responsible party that plans to do certain specified things. Note that operators don’t need get prior authorisation, only responsible parties. Do you know what role you play [...]

By John Giles|2021-09-24T10:13:39+02:00September 1st, 2021|Categories: Information regulator, Prior authorisation|