There are media reports that the Protection of Personal Information Act (POPI Act or POPIA) commenced today 1 April 2020. This is incorrect. POPIA has not commenced. The President has not proclaimed the date in the Government Gazette. The Information Regulator asked the President to proclaim it by 1 April 2020 but he has not done so. He obviously has a lot on his plate and he is dealing with a crisis – in our view very well. He can therefore maybe be excused for not proclaiming a date. POPIA will commence on an unknown date the President will proclaim in the future. We are monitoring this constantly and will alert you when he proclaims the date.
Is privacy important in times like these?
Some will argue that privacy (and the protection of personal information) is not a high-priority issue and that the last thing business needs in times like these is yet another compliance requirement that is going to cost money and prevent a business from staying in business. Yes, keeping the economy going and people healthy is important but so is privacy. Especially ensuring that Government does not unnecessarily invade the privacy of citizens.
Privacy is more important than ever
- Cybercrime (using personal data) has surged during the current crisis and people are suffering harm. POPIA is part of solving that.
- Staff are working from home, which puts the security of information at higher risk. POPIA fixes that.
- Government is using location information to track the disease and infected people. This is probably justifiable but there must be safeguards against abuse. POPIA creates them.
- Infected people will be named and discriminated against – sometimes in the workplace. POPIA stops that.
- We need personal information to flow from other countries to South Africa. POPIA fixes that.
- We need to restore South Africa’s reputation in the world. POPIA is part of that.
When might the commencement date be?
The simple answer is we don’t know – no one does.
What does this uncertainty mean for your organisation
Uncertainty creates stress and stops your organisation from planning meaningfully. But this is an important issue that is not going to go away. Irrespective of when the commencement date is, you need to protect personal information. Our view is that you should continue to work on it or start if you haven’t already. Focus on what is within your control and not what isn’t. Set your own timeline.
Remember: keep calm! Michalsons has got you!
Get future POPI Updates
- Be alerted to any new developments by subscribing to our newsletter.
- Comply with the POPI Act by seeing how Michalsons can help you.
- Get specialist subject matter expert support to empower you to implement the POPI Act by joining a Michalsons programme.
- Find out more about it and how to comply with the POPI Act by attending our POPI Workshop.