If a responsible party commits a serious breach under POPIA, the information regulator may serve them with an infringement notice. If you receive an infringement notice from the regulator, it means that the regulator has imposed an administrative fine on you. The infringement notice will contain full particulars of the responsible party facing the accusation of breaching POPIA (the infringer), details about the offence, and the amount of an administrative fine that the party must pay (section 109).
The responsible party still has some options available to them.
- Pay the fine.
- Make a payment arrangement with the regulator to pay the fine in installments.
- Take the matter to court.
We regularly monitor and report on all updates from the information regulator. It is important for anyone who processes personal data to keep on top of the outcomes of enforcement notices that lead to an infringement notice. That’s why we’ve launched this page so that you receive our insights on all POPIA infringement notices.
January 2025
Department of Basic Education enforcement action | Consent
The Information Regulator issued an enforcement notice against the Department [...]
September 2024
DOJ infringement notice 1 | Security measures
The information regulator issued a DoJ infringement notice to the [...]
February 2023
Draft POPIA Rules for the Enforcement Committee
The Information Regulator published a notice calling for comments on [...]
September 2022
How to make the Information Regulator happy with your organisation
Picture yourself sitting on your couch at home, causally flicking [...]
August 2022
Information regulator establishes enforcement committee
The information regulator has finally established the enforcement committee (committee). [...]