Commencement: The Protection of Personal Information Act

​The Information Regulator has requested that the President declare that the remaining provisions of the Protection of Personal Information Act (POPIA) commence on 1 April 2020.

​This came to light during an interview given by Pansy Tlakula, the Chairperson of the Information Regulator of South Africa, broadcast on eNCA on 25 January 2020. If the President acts on the Information Regulator's request, the remaining provisions in POPIA regulating the processing of personal information will become effective on 31 March 2021 (unless the 12-month grace period is extended by the Minister of Justice and Constitutional Development).

While certain sections of POPIA are already effective, including those provisions concerning the establishment of the Information Regulator and the manner in which regulations may be promulgated, the remaining provisions of POPIA are yet to become fully operational.

Once the remaining provisions of POPIA are in effect, they will regulate the way public and private bodies process personal information of both natural and juristic persons (such as companies and trusts) in South Africa.

Given that non-compliance with POPIA may result in significant civil and criminal sanctions, it is important that all businesses ensure compliance with POPIA prior to its commencement.