Insights | PoPI – Are we there yet?

Despite the fact that the Protection of Personal Information Act (“PoPI”) was signed by the president on 19 November 2013, a commencement date has not yet been established. It seems as though PoPi is edging toward a commencement date as the Portfolio Committee on Justice and Correctional Services recently recommended candidates for appointment to the board of the Information Regulator.

Our IP Commercialisation team has been watching the development of PoPI in recent years and believe that the importance of this law coming into force cannot be overstated. The common law does not provide a navigable framework for holding South African institutions accountable when collecting, processing, storing and sharing another entity’s personal information which necessitated this specialist legislation.

PoPI is a comprehensive piece of legislation covering personal information and will go a long way toward entrenching the right to privacy as envisaged by Constitution of South Africa. The right to privacy is protected through PoPI as it clearly defines what constitutes the unlawful collection, retention, dissemination and use of personal information.

We had a few questions for Danie Strachan, the PoPI expert on our IP Commercialisation Team.

IP Live: Does PoPI have an impact on IP commercialisation?

Danie: Yes, in various respects. For example, many organisations commercialise copyright in photographs and compilations of information. These might include personal information, and the relevant organisations would have to make sure that they comply with PoPI’s requirements in future.

IP Live: How close do you think to a PoPI commencement date?

Danie: The appointment of the Information Regulator’s board members must still be confirmed and then they need to start operations. Importantly, the regulations must still be drafted. As such, it is not very likely that the commencement date will be in this year, but we might see a commencement date in 2017. Once a commencement date has been established companies will have 12 months to comply with the provisions of PoPI.

IP Live: How much work is it going to take for the average company to be compliant?

Danie: This depends on the nature of a company’s operations and business. However, compliance will take quite a lot of effort, audits, meetings and drafting and updating of policies and documents.

IP Live: What steps should any company be taking right now?

Danie: It is important to do a high-level analysis of the personal information in the company. Identify the risk areas and start working on this. A company should appoint a task team to take up responsibility for PoPI compliance and readiness.

IP Live: Do you think twelve months is enough time to be PoPI compliant?

Danie: It might be, although some organisations will need more time. But you have the legislation available to you today, so why not start right now?

For assistance or advice regarding PoPI, click here to make contact with Danie Strachan

 

View Related Blogs
View All
news

Partial Patent Waiver for COVID-19 vaccines

Participating countries attending the 12th Ministerial Conference of the World Trade Organization (WTO) in Geneva, Switzerland reached an agreement on 17 June 2022 to partially waive intellectual prop...

Charleen RupnarainIntellectual PropertyIPLive - welcome to our blog on IP commercialisationPatents
news

Bittersweet Symphony IP dispute resolved

The dispute that first piqued my interest in intellectual property law was between The Rolling Stones and The Verve over the song Bittersweet Symphony in the late 1990s. Richard Ashcroft from The Ver...

CopyrightIntellectual PropertyIPLive - welcome to our blog on IP commercialisation
news

So You Think You Can Patent Your Invention?

You’ve come up with a great new idea and believe you’re the first person in the world to have that idea. As you start planning world domination, you consider whether you can patent your in...

Intellectual PropertyIPLive - welcome to our blog on IP commercialisationPatents