Ever seen a toddler on one of those child leashes? They’re straining as hard as their little sausage legs allow, desperate to run free, talk to strangers and create a crayon masterpiece on the nearest wall (or lick a squirrel – one never can tell). That’s kind of how [...]
30 June 2021. Unless this is your birthday, this date probably fills most of you with some trepidation. No need – let’s turn the anxiety into excitement that POPIA is finally here (after TEN. YEARS). If you still feel like you’re lagging behind, stop panicking and be cool. Get [...]
It has been a decade since talk of the Protection of Personal Information Act started. Ten. Years. And finally we have an effective date. It is 1 July 2020. That’s right; it means that we have until 30 June 2021 to become compliant. We’ve been talking about it for [...]
It’s week 5 000 of the national lockdown, so we reckon everyone will appreciate a change of focus (since we can’t change the scenery). From what we can tell, most people’s pace during lockdown is either crazy-busy or bored-to-tears. So, for those of you leaning towards the bored spectrum, here [...]
Why the face? The Information Regulator asked the President to announce 1 April 2020 as the commencement date for the Protection of Personal Information Act (POPIA). 1 April is also an auspicious date widely known as April Fools Day. It is lesser known as Sourdough Bread Day. On 1 April [...]
It turns out SA’s largest recorded data breach was traced to a Web server registered to a real estate company based in Pretoria, Jigsaw Holdings. They are a holding company for several real estate franchises including Realty1, ERA and Aida. Apparently, this website had exceptionally lax security and contained a [...]
In week 6 of our POPI DIY programme we look at what an operator is, and how to make sure you have the right operator contracts in place with yours. In terms of POPI an operator is a person or company who processes personal information on behalf of the responsible [...]
A ‘Bring Your Own Device’ policy (BYOD Policy) is essentially a set of rules applicable to employees who want to use their personal devices for work purposes. No policy is a one-size-fits-all, so you should use this as a guideline only and determine what will work for your business. Here [...]
South Africa has drafted (and redrafted) the Cybercrime and Cybersecurity Bill. The Justice Portfolio Committee held hearings on this Bill last week, and I was there. If you’re interested in what the Bill means for SA, and how to keep up to date with the latest changes, the University of [...]
We unpack the new UK Data Protection Bill and how it relates to GDPR. On 13 September 2017, the UK Government introduced the new Data Protection Bill (the Bill) in the House of Lords. If enacted, the Bill will repeal and replace the existing Data Protection Act 1998 and supplement [...]
I might be slightly obsessed with Billions, the series. It is riddled with quotable quotes. My personal favourite? “It’s like Highlander: there can be only one” - Bobby Axelrod. Despite my inherent dislike of Axe, I can’t help but respect his business acumen. In S2. Ep5 he shares this pearl [...]
All businesses have risks. Ideally, a business would mitigate all the risks, but this simply isn’t practical – you have to prioritise. At a high level risk management is intended to: * Identify the risks, * Prioritise the risks * Propose solutions to the risks (and get them accepted), * [...]
The EU-US Privacy Shield is a data transfer framework which provides for the transfer of personal data of EU citizens to the US for processing without the risk of breaching fundamental European privacy rights. The framework was agreed in February 2016 and opened for sign-up in August. More than 2000 [...]
The National Consumer Tribunal has released a finding which - essentially - finds that Edcon has been unlawfully charging its customers a fee to belong to its club. This finding is very significant for Edcon who faces the possibility of having to refund customers to the tune of several billion [...]
Data breaches are almost inevitable. So, in addition to working towards preventing data breaches, you should be asking yourself whether your business is ready to respond quickly and effectively when the pawpaw (or POPIA) strikes the fan. When you look at data breaches around the world, businesses often get into [...]
Hey you! The douchebag attorney/compliance specialist with the newsletter or event to peddle. Stop saying that POPI is coming into effect/commencing/whatever early in whatever year/quarter/month/week you happen to find yourself in. That is the kind of lie that makes people hate us. Let's set the record straight. No-one knows when POPI [...]