The past couple of weeks, most people were overwhelmed with messages from friends and colleagues to delete WhatsApp or to install a different rival application like Telegram or Signal.
In a media statement dated 13 January 2021, the information regulator stated that the regulator contacted Facebook South Africa and that they will analyse if the terms of service and privacy policies are complying with the Protection of Personal Information Act (POPIA). The regulator’s swift response is reassuring and indicative of the fact that POPIA will indeed affect the way that businesses use and process personal information.
The famous staying that ”If you do not pay for the product, you are the product” might be true to a certain extent. Still, social media companies, and any other company for that matter, that process personal information must be compliant with POPIA.
Compliance is a requirement, and a company should appoint an information officer to ensure POPIA compliance of the business. The information officer should, amongst others, ensure that the business adheres to the eight conditions of lawful processing of personal information:
- Processing limitation;
- Purpose specification;
- Further processing limitation;
- Information quality;
- Security safeguards;
- Data subject participation.
The process of being compliant takes time and effort depending on the scale of any business. With all Section of POPIA coming fully into force as of 1 July 2021, time is running out as it gives companies a hard deadline to ensure compliance. If your company is not yet compliant, it would be best to act sooner rather than later.
For any concerns or questions relating to POPIA and the compliance thereof, please contact your nearest SEESA office.
About the Author:
Hanro Gerber is a Legal Advisor at the SEESA Consumer Protection & POPI and Labour departments. He is an admitted attorney and has joined SEESA in October 2013 where he is currently working at our George Branch.
- The Protection of Personal Information Act 4 of 2013
 The Protection of Personal Information Act 4 of 2013
 Section 55 of The Protection of Personal Information Act 4 of 2013
 Section 114(1) of The Protection of Personal Information Act 4 of 2013.