Protection of Personal Information gets real

Effective date announced by Government

The Protection of Personal Information Act (POPI) was passed in 2013, but its implementation has been delayed frustratingly long. Government has now announced that POPI will become effective on 1 July 2020. There is a year grace period during which South Africans need to prepare to comply with the Act – The Information Regulator will start to enforce it on 30 June 2021.

As a consumer, you will notice you will be asked to sign consent clauses by every service provider who has your details. Our firm has also included a POPI clause in our mandate (it’s clause 12) – if you have not yet signed it, please print, complete and return it to us with the necessary FICA information. If you have signed it, please just print the consent clause and return it to us once signed. POPI requires everyone who collects, uses and retains personal information to obtain the consent of the owner of that information (the “data subject”). Your legal team is obliged by our professions’ ethics to keep your information confidential, so you need have no qualms about signing the consent.

Is it ok to sign consent clauses for other service providers?

It’s likely they will refuse to provide you with the service if you refuse to provide the consent. You may be able to delete some of the wording, e.g. a reference to using your data for marketing purposes. Consent does not entitle anyone to misuse your information- you can still report this to the Information Regulator at inforeg@justice.gov.za, who can impose fines of up to R10 million. So, in general it should be fine for you to sign these consent clauses.

Still want to find out more?

Take a look at our blog post for an introduction to POPI. For the full Act in user-friendly format click here. Let us know if we can help your organisation with compliance.

Kind regards,
Trudie and the team

  , , , , , , , , , , , , , ,


Leave a Reply

Your email address will not be published. Required fields are marked *