South Africa on its way to appoint a regulator
On 7 September, South Africa’s National Assembly approved the nomination of Pansy Tlakula as the Chairperson of the Information Regulator to enforce the Protection of Personal Information Act 2013 (POPI) and positions of other full time and part time members of the Regulator.
Nerushka Bowan, Senior Associate & Business Development Manager at Norton Rose Fulbright South Africa told PL&B that Pansy Tlakula was formerly the head of the Independent Electoral Commission in South Africa. She was the also the Africa Union’s Special Rapporteur on Freedom of Expression and Access to Information in Africa. In this role she was tasked with analysing member states’ media laws and policies, and reporting violations of press freedom. She also served as a member of the South African Human Rights Commission.
The Regulator’s office will be an independent entity within South African jurisdiction, but accountable to the National Assembly. The chairperson and other members will hold office for a period of not more than five years, and are eligible for reappointment. The appointments will now need to be confirmed by the President of South Africa.
The Information Regulator will have the power to conduct investigations, order publicity of data breaches, and issue administrative fines of up to ZAR10 million (GBP 526,195 at today’s exchange rate), Bowan says. So far, only certain sections of POPI are in force.
The next steps are:
- regulations to be promulgated under POPI, for example, the regulations setting out the cost of making a subject access request and the prescribed standards for codes of conduct.
- the announcement of POPI’s commencement date. Organisations will have time to comply fully and will not be liable for fines or non-compliance for a period of 12 months from the commencement date.
PL&B International Report will provide you with detailed news and analysis about South Africa’s law in future issues.