Information law

It is trite that companies must comply with all applicable laws and understand the context of the laws which may apply to it.

In processing information of any kind a company will be subject to numerous information-related laws which may affect its processing of the information.

The Companies Act expressly requires that public companies and state owned companies appoint persons knowledgeable and experienced in relevant laws as the company secretary, and the company secretary is obliged to make sure that directors are aware of any law relevant to or affecting the company. The fact that the obligation to appoint a company secretary only applies to public or state owned companies does not in any way detract from all companies’ (and legal entities of any nature) obligation to comply with applicable law or the directors and/or executives of the company or entity ensuring that they identify those laws that are relevant to the operation of the business of the company or the entity.

The King III Report also recommends that companies should also adhere to applicable non-binding rules, codes and standards, if it would constitute good governance and practice.

In addition to the obligations of public and state owned companies all entities who process personal information are obliged in terms the Promotion of Access to Information Act and the Protection of Personal Information Act to appoint an “Information Officer”. For the information officer to be able to perform his or her function in compliance with legislation it will be necessary for the information officer to develop a proper understanding of all laws that govern its processing of information from the generation of the information, its processing of information in the normal course of business, the retention of information for record purposes, and ultimately the destruction of information.

Privacy Online can assist companies in identifying laws which are relevant to and affecting its processing of information with a specific focus on the processing of personal information. In doing so it will also assist companies in identifying relevant standards, rules, codes of conduct and other guidelines that may assist its compliance with the law and establishment of frameworks for the processing of information, that are aligned with generally accepted practices relevant to the company.

  • 08 August 2018 - 13:41:00
    On the 25th July 2018 as a result of announcements that were made by Facebook relating to its future revenues the market value of Facebook dropped by US$ 148 billion (or R1,95 trillion). This is almost half of South Africa’s total GDP in 2016.

    While there may be several reasons for the decline in Facebook’s revenue which led to the sell-off of shares, one of the three primary factors for the decrease in projected profitability of Facebook is the focus on privacy and security

  • 08 August 2018 - 13:36:00
    As I wrote in a previous article, South Africa according to the PWC Global economic crime and fraud survey of 2018 suffers the second highest number of cybercrimes of all the countries in the world. While I have no statistics to support this I would suggest that internet banking fraud must rank as one of the primary attack vectors for cybercriminals.

    The Ombudsman for Banking Services of South Africa (Ombud) reported that for the first time in 2017 internet banking fraud was the category of crime that was most prevalent of the disputes that the Ombud has been requested to deal with. No less than 1377 internet banking complaints were closed by the Ombud in 2017. It is clear that significantly more citizens are victims of internet banking fraud as not all of the matters have been referred to the Ombud.