Data Privacy

There is still no news when the POPIA will be implemented, despite the publication on 14 December of the ‘Regulations relating to the Protection of personal information’ by the Regulator. Readers will recall that this requires all companies to have a designated ‘Information Officer” – a heavy obligation for a start-up e-shop.

I will be speaking at a conference in June on the need for SA businesses to take note of what the EU’s General Data Protection Regulation (GDPR) requires. The EU implemented its Regulation in March last year (see Newsletters passim)  and, come what may, the UK government has committed to following the EU on data privacy in future even though it plans to leave the EU at the end of March.

Meanwhile, the UK Parliament’s select committee investigating the major scandal of last year when a whistle-blower revealed that Cambridge Analytica had improperly harvested personal data of up to 87 million people  from Facebook in order to profile and target users for political advertisements, has published its findings. The Committee’s report, called the “Disinformation and ‘fake news’: Final Report”, accuses Facebook  of “intentionally and knowingly” violating UK’s privacy and competition laws and calls for much tighter regulation and scrutiny. Facebook also faces investigations from other jurisdictions in Europe and elsewhere over allegations relating to data privacy breaches , election interference and spreading fake news.