As promised in the previous insert, I will now address the penalties that may be imposed for non-compliance.
POPI exposure has four aspects to it;
- Firstly there is the possibility of a fine for non-compliance which can be up R10 million.
- Secondly the aforesaid can go hand in hand with spending up to 10 years in jail.
- Thirdly there is the suggestion that Section 99 (1) has introduced (Over and above the absolute liability aspect**) ‘.. a form of statutory vicarious liability for employers if employees breaches POPI and as a consequence a civil action (byperson whose privacy has been infringed upon through the unlawful, culpable processing of his or her personal information) for damages may be instituted against the responsible party [the employer] irrespective** of whether there is intent or negligence on the part of the responsible party’ (ENSafrica - By Era Gunning & Nicole Gabryk)
- Finally there is possible impact on your brand for a breach of security which the Information Regulator may require you to make public, over and above having to advise the Data Subject.
The recently introduced Cybercrimes Act imposes a duty on electronic communications service providers and financial institutions to report certain offences within 72 hours. Failure to make the required report could lead to a fine on conviction of a maximum of ZAR50 000.
However let’s not stick to our shores – if the business you conduct falls under the auspices of the European Community General Data Protection Regulations (2016/679 & Directive 395/46/EC)(‘GDPR’) the fines are materially higher i.e. the greater of 4% of the entity's global annual revenue or €20 million!
Let’s take a leaf out of the UK book - ‘80% of UK small businesses close after fines under their privacy laws’
Before I move on, the above is a very definite indication that proper & adequate insurance must be at the top of the ‘shopping list’!
My next issue & final insert on employees will deal the POPI requirements for the WFH scenario.
September 02 2021
DISCLAIMER - Each case depends on its own facts & merits - the above does not constitute advice - independent advice should be obtained in all instances
LEGAL ADVICE CLUB ('LAC') - You can obtain specialized tourism advice from Louis (39 years in tourism) on an hoc basis via the COVID SPECIALS for SATSA, FEDHASA, ST&BA & TRAVELPEOPLE members (1) 10 minutes of pro bono (Free) advice via a phone call or e-mail and/or (2) by joining his LAC for which the joining fee & hourly rates have been reduced by 30% AND you can pay the joining fee over 3 (three) months! The fee for the 1st hour(per month) is now only R500.00.