Data Protection Update — January 2014: international update - .PDF file.
South Africa’s Protection of Personal Information Bill (PoPI) has finally been signed into law by president Jacob Zuma, nearly a decade after the first data protection framework legislation was drafted and more than five years since PoPI was introduced in Parliament in August 2008.
The law is similar to the European model and is based on the current EU data privacy principles. PoPI incorporates eight data protection principles, including in relation to transparency, accountability and the requirement of consent from the data subject to data processing. PoPI prohibits the transfer of personal information outside South Africa subject to certain exceptions, broadly determined by whether the transfer is in the best interest of the data subject or whether the data subject has consented to the transfer. PoPI also regulates the use of personal information for direct marketing purposes and grants the South African data protection authority the rights to carry out investigations and impose fines of up to ZAR10m (540,000) for breaches of PoPI…
If you are registered and logged in to the site, click on the link below to read the rest of the Stephenson Harwood briefing. If not, please register or sign in with your details below.