Tag Archives: Protection

Gearing up for POPI compliance

Posted on by

B3The Protection of Personal Information (POPI) Act will soon be tabled in parliament. The POPI Act outlines how companies may collect, handle, store and discard the personal information of others. The new regulations come with heavy penalties for those that fail to comply. POPI can only commence once the Information Regulator is operational. Once the commencement date of the Act is announced, which could be later this year, organisations will have 12 months to comply with the Act.

Who is the Information Regulator?

The Information Regulator is a new regulator that was created by the POPI Act. POPI gives the Information Regulator the power to investigate and fine responsible parties. The Information Regulator will also be able to accept complaints and act on those complaints.

Does POPI apply to me or my business?

POPI applies to every South African based public and/or private body who, either alone, or in conjunction with others, determines the purpose of or means for processing personal information in South Africa.

There are cases where POPI does not apply. Exclusions include:

  1. purely household or personal activities.
  1. sufficiently de-identified information.
  1. some state functions including criminal prosecutions, national security etc.
  1. journalism under a code of ethics.
  1. judiciary functions etc.

What is Personal Information?

Personal Information means any information relating to an identifiable, living natural person or juristic person (companies, CC’s etc.) and includes, but is not limited to:

  1. contact details: email, telephone, address etc.
  1. demographic information: age, sex, race, birth date, ethnicity etc.
  1. history: employment, financial, educational, criminal, medical history
  1. biometric information: blood type etc.
  1. opinions of and about the person
  1. private correspondence etc.

How to comply with POPI

Non-compliance with the Act could expose you to a penalty of a fine and/or imprisonment of up to 12 months. In certain cases, the penalty for non-compliance could be a fine and/or imprisonment of up 10 years.

  1. Only collect information that you need for a specific purpose.
  1. Apply reasonable security measures to protect it.
  1. Ensure it is relevant and up to date.
  1. Only hold as much as you need, and only for as long as you need it.
  1. Allow the subject of the information to see it upon request.

Conclusion

While the purpose of the POPI Act is to ensure that all South African institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing another person’s personal information, one could argue that this should be seen as complementary to digital ethics’ practices companies should already have started putting in place. Either way, POPI is coming and companies should start gearing themselves up before being caught out.

References:

This article is a general information sheet and should not be used or relied on as legal or other professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your legal adviser for specific and detailed advice. Errors and omissions excepted (E&OE)

Is your business POPI compliant?

Posted on by

A2BPOPI refers to South Africa’s Protection of Personal Information Act which seeks to regulate the Processing of Personal Information.

What is Personal Information?

Means any information relating to an identifiable, living natural person or juristic person (companies, CC’s etc.) and includes, but is not limited to:

  • Contact details: email, telephone, address etc.
  • Demographic information: age, sex, race, birth date, ethnicity etc.
  • History: employment, financial, educational, criminal, medical history
  • Biometric information: blood type etc.
  • Opinions of and about the person
  • Private correspondence etc.

What is Processing?

Processing broadly means anything done with someone’s personal Information, including collection, usage, storage, dissemination, modification or destruction (whether such processing is automated or not).

Some of the obligations under POPI:

  • Only collect information that you need for a specific purpose.
  • Apply reasonable security measures to protect it.
  • Ensure it is relevant and up to date.
  • Only hold as much as you need, and only for as long as you need it.
  • Allow the subject of the information to see it upon request.

Does POPI really apply to me or my business?

POPI applies to every South African based public and/or private body who, either alone, or in conjunction with others, determines the purpose of or means for processing personal information in South Africa.

There are cases where POPI does not apply. Exclusions include: Section 6:

  • purely household or personal activity.
  • sufficiently de-identified information.
  • some state functions including criminal prosecutions, national security etc.
  • journalism under a code of ethics.
  • judiciary functions etc.

Why should I comply with POPI?

POPI promotes transparency with regard to what information is collected and how it is to be processed. Openness increases customer trust in the organisation.

Non-compliance with the Act could expose the Responsible Party to a penalty of a fine and/or imprisonment of up to 12 months. In certain cases, the penalty for non-compliance could be a fine and/or imprisonment of up 10 years.

This article is a general information sheet and should not be used or relied on as legal or other professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your legal adviser for specific and detailed advice. Errors and omissions excepted (E&OE)

The interplay between the Consumer Protection Act and the National Credit Act, and the possibility of penalties with early settlement of credit agreements

Posted on by
shutterstock_303691415Mr Black buys a BMW car in terms of a hire purchase agreement and the financing is done through BMW Finance. After a few months Mr Black inherits a huge sum of money and decides that he wants to settle the outstanding amount. Mr Black’s concern is whether the credit provider is entitled to charge a penalty fee for early settlement of the outstanding finance amount.The first step in answering the abovementioned question will be to determine which laws regulate the situation. The legislation that applies here will be the National Credit Act 34 of 2005 and the Consumer Protection Act 68 of 2008.

In the above scenario a distinction should be drawn between the scope of each of these Acts, as the one pertains to the credit agreement itself and the other to the goods, being the BMW car. Section 5 of the Consumer Protection Act lists the situations in which this Act will apply. Section 5(2)(d) is of particular interest to Mr Black as it excludes credit agreements which are regulated by the National Credit Act. However, the goods or services provided in terms of the credit agreement are included and will be regulated by the Consumer Protection Act, whereas credit agreements as contemplated in the National Credit Act, specifically section 8(4)(c), includes hire purchase agreements (instalment agreements) in the ambit of the National Credit Act.

Mr Black’s situation illustrates the position as stated in Article 5(2)(d) of the Consumer Protection Act. The implication of this section is that all credit agreements that are subject to the National Credit Act will be governed by the National Credit Act, but the goods and services in terms of the agreement will fall within the scope of the Consumer Protection Act. It is here that the above acts overlap with each other. The overlap actually lies in that both acts can apply to one agreement. The credit agreement must comply with the National Credit Act, but the goods and services must comply with the Consumer Protection Act. If there is a defect in the quality of the goods or the service the Consumer Protection Act will provide the appropriate remedy, but if it is about the credit agreement itself, then the National Credit Act will apply.

Section 2(9) of the Consumer Protection Act deals with the interpretation of the Act and more specifically on how the law has to be interpreted in cases where there are discrepancies between the Consumer Protection Act and any other law. The Consumer Protection Act should be read in harmony with other legislation as far as possible, but if it is not possible, then the law that offers the most protection to the consumer shall apply.

The two sections in the National Credit Act which deals with the early settlement of credit agreements are sections 122 and 125 of the Act. According to section 122 of the National Credit Act, a consumer may terminate the credit agreement at any time. The consumer can do this by paying the settlement amount as calculated in accordance with section 125 of the National Credit Act.

Section 125 states that a consumer is entitled to cancel a credit agreement at any time with or without prior notice to the credit provider. The settlement amount will be the sum of the following amounts:

l The outstanding balance of the principal debt / capital amount.

l All rates and charges up to and including the settlement date. For example, if the outstanding amount can be settled after 3 months, then 3 months' interest would be charged. The interest will be calculated on the principal amount borrowed.

In the case of a large credit agreement (R250 000.00 or more) the outstanding amount will be calculated as above, but with additional interest, known as an early settlement fee. The fee may not exceed an amount equal to three months' interest on the capital amount.

Conclusion:

Therefore, if the BMW that Mr Black bought was worth more than R250 000.00 the credit provider will be entitled to charge a penalty fee of not more than 3 months' interest on the capital amount. In the event that the purchased item's worth is less than R250 000.00 the credit provider will not be entitled to charge a penalty fee.

This article is a general information sheet and should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your legal adviser for specific and detailed advice. Errors and omissions excepted. (E&OE)