Are you looking for the POPI Regulations or the POPIA Regulations? The reason you cannot find them is because they have not yet been released to the public. There are two people who have the power to make regulations.
Minster’s POPI Regulations
The Minister of Justice and Constitutional Development has the limited power to make POPI Regulations (under section 112(1)) about:
- establishing the Information Regulator, and
- fees that data subjects must pay to:
- a responsible party for accessing the personal information it processes, and
- the Regulator when complaining to the Regulator.
That is it – the Minister has quite limited powers to make regulations. We expect that the Minister will only publish these regulations towards the end of 2017. The Information Regulator has already met with the Minister to discuss these regulations.
Information Regulator’s POPIA Regulations
The Information Regulator has the power to make Regulations (under section 112(2)) about all sorts of things. These are the regulations that are going to be very relevant to any organisation that must comply with POPIA. The Regulator has produced a zero draft of these POPIA Regulations and submitted them to the Law Advisors Office for refinement and finalisation before it begins the public consultation process. The Information Regulator intends to table the Regulations in Parliament before the end of 2017.