South Africa’s Protection of Personal Information (POPI) Act has now been signed into law.
Legal&Tax’s expert Chantel Cronje take’s us through just how POPI will be helping guard our personal information from harmful use.
What is POPI?
POPI is a law that makes sure that any personal information that you give out is protected.
It gives a set of rules that organisations have to follow in terms of how they collect, use, keep or remove data.
It also gives you more control over the information you give out.
The law has been effective since 1 July 2020.
Did you know?
Organisations can face penalties for going against POPI that include fines up to R10 million or 10 years in prison.
What is personal information?
Personal information is any information that can identify you to other people or groups. This includes information such as your name, age, gender and marital status.
It also includes information about your finances, jobs and education.
Personal information includes all your contact details such as phone numbers, physical and email addresses.
It also involves any information you have privately shared with other people such as your own emails and letters or images you have shared such photographs or video recordings.
Personal information can also refer to your opinions and even what other people might say about you.
There are even stricter rules around what is considered ‘special personal information’. This relates to your religious beliefs, race and trade union or political membership. It can also apply to information about your health and in some cases, if you have a criminal record.
When it comes to this special data, this information can only be released if you consent to it, if it is needed for a legal reason or some kind of research that will help society.
Did you Know?
If you share any information on social media this is considered as public information and can therefore be used by anyone?
Why is data protection important?
We live in a digital age and a lot of our lives and business is now conducted online. This means we are sharing a lot of information but not seeing where it ends up. Often private information we give is then used in ways to which we did not agree.
Sometimes, if information is used or stored incorrectly, harm can come to us through cybercrimes. People have been known to steal identities and money by stealing our data.
Shopping is also often no longer being done face-to-face, instead companies are using our contact details to market to us in ways that invade our privacy and are sometimes even potentially dangerous.
We have all seen, and most likely skipped over, the tiny writing of terms and conditions where companies deliberately use language that is difficult to understand when stating what they might do with information we share. They might be trying to trick us and POPI will no longer accept this business practice, POPI is on the side of the consumer all the way!
POPI protects our constitutional right to privacy.
Did you know?
In August this year, South Africa was rocked by one of the biggest data breaches ever. A data breach is like a robbery of information.
Approximately 24 million South Africans are believed to be affected after a world-wide company that gives out credit reports, was hacked. This also affected nearly 800 000 businesses in our country as well.
What are some of the ways POPI will protect me?
You have the right to decide carefully what information you are willing to share with companies or not. This is called giving consent and it will now be a rule that companies have to ask for it.
POPI also says that companies are only allowed to ask for information, if there is a fair and legal reason to do so.
Organisations have to be able to explain exactly what information they are collecting, who is collecting it and to give the full reasons for doing so. They have to do so in a way that can be easily understood by you.
In addition, they have to prove that they are storing your personal information in safe and secure ways and not sharing it with other groups who do not have a legal reason for getting this information. For example, one company cannot share your contact details with another one who will then contact you with their own offers without your knowledge or informed consent.
Your information can no longer be used for any other purpose than the original reason you first shared it.
Companies can only hold onto the information for as long as it is relevant – for example if you have a warranty on a product and they may need to contact you for any safety concerns. There would be no need to retain your private information at the end of the warranty.
You will also have the right to access your information and even ask for it to be removed or destroyed in certain cases.
Did you know?
If you are filling out a form online, companies can no longer pre-tick boxes for you – you will have the active choice whether to opt in (accept) certain offers or conditions.
I have a complaint about how some of my personal information is being used. What action can I take?
The POPI Act also appoints a special organisation to make sure that the law is being followed. This organisation is called the Information Regulator and they fall under the government’s justice department.
Did you know? If you are asked to take part in a survey, you will now have the legal right to remain anonymous.
With Legal&Tax you’re not alone
Legal&Tax is your companion in protecting your right to privacy. Our experts can help advise you on how best to contact the Information Regulator and what legal steps you might be able to take against the misuse of your private information. Contact us for more information.
