Protection of Personal Information Act (POPIA)

The Protection of Personal Information Act, No 4 of 2013 promotes the protection of personal information by public and private bodies.

The Protection of Personal Information (POPIA) Act has been signed into law by the President on 19 November and published in the Government Gazette Notice 37067 on 26 November 2013. The President has signed a proclamation declaring some parts of the Protection of Personal Information Act No 4 of 2013 effective from 11 April 2014. The sections that became effective deals with the appointment of the Information Regulator.

The National Assembly approved the appointment of members to the Information Regulator on 7 September 2016. The Regulator will be responsible for education, monitor and enforce compliance, handle complaints, perform research and facilitate cross-border cooperation. Adv Pansy Tlakula was appointed as the Information Regulator with effect from 1 December 2016. Adv Lebogang Stroom, and Johannes Weapond were appointed as full-time members and Ms Alison Tilley and Professor Sizwe Snail were appointed as part-time members.

The President proclaimed the commencement of certain sections in 2020. In terms of the Proclamation, sections 2 to 38; 55 to 109; 111 and 114(1), (2) and (3) of POPIA came into effect on 1 July 2020. POPIA granted public and private bodies 1 year to comply with the Act, which therefore requires compliance from 1 July 2021.