POPIA fines

We continually monitor and provide a plain-language summaries of all POPIA fines. Our summaries highlight what action you might need to take in response. We summarise any fine that applies to POPIA. We do all the hard work for you to save you time.

Only some of the POPIA fine summaries are linked below. To read all previous ones and be alerted to future ones, join the Michalsons data protection programme. If you are a member and you are logged in, you will be able to view the public as well as the “Members only” fine summaries.

Department of Basic Education enforcement action | Consent

The Information Regulator argues that it is unlawful for the Department of Basic Education (DBE) to publish matric results in newspapers using a learner's exam number without consent. The regulator issued an enforcement notice to the DBE and then fined […]

By |2026-01-11T21:56:59+02:00January 8th, 2026|Categories: POPI and Data Protection|Tags: , , , , , , |
Read More

Lancet Laboratories enforcement action | Security

The Information Regulator issued a POPIA enforcement notice against Lancet Laboratories in September 2024 for failing to comply with the breach notifications required by POPIA. The Information Regulator conducted a POPIA compliance assessment following the numerous security compromises experienced by [...]

By |2025-12-05T12:27:25+02:00September 25th, 2024|Categories: POPI and Data Protection|Tags: , , , , , , , , , , |
Read More

DOJ infringement notice 1 | Security measures

The information regulator issued a DoJ infringement notice to the Department of Justice where it fined the DoJ R5 million. In May 2023, the regulator issued the DoJ with an enforcement notice outlining a list of remedial actions the DoJ [...]

By |2025-01-27T17:42:21+02:00September 11th, 2024|Categories: POPI and Data Protection|Tags: , , , , , |
Read More

Using an outsourced DPO to avoid fines

Data protection regulations are becoming increasingly strict. In response, many organisations are turning to outsourced Data Protection Officers (DPOs) to ensure that their organisation remains fully compliant. An outsourced DPO helps an organisation follow its data protection plan and makes [...]

By |2024-02-22T10:46:33+02:00June 19th, 2023|Categories: POPI and Data Protection|Tags: , , , , , , |
Read More

Data protection fines in Africa

Data protection fines in Africa are on the rise as more authorities enforce compliance with data protection laws. Data protection authorities in Angola and Kenya have hit the ground running by enforcing data protection laws. In this article, we highlight [...]

By |2024-02-22T10:47:10+02:00March 29th, 2023|Categories: POPI and Data Protection|Tags: , , , , , , |
Read More