The New POPI Act – PART 4

The New Protection Of Personal Information Act (POPI)

– PART 4 – 

Principle #2 – Processing Limitation: Part 2

Personal Information (‘PI’) must at all times be collected directly from the Data Subject (‘DS’) except in following cases:

  • If it is contained in a public record: accessible in public domain and under control of public body i.e. department of state provincial or any municipality
  • If it has been made public by DS – clearly the present use of social media by many, many people creates a bit of a conundrum as unwittingly such users are waiving this obligation/right pertaining to information and often photos placed on Facebook, Twitter, etc;
  • DS has consented to it being collected from another source – given the focus of POPI it is suggested that such consent should be informed and explicit;
  • If the collection from another source will not prejudice the legitimate interests of the DS;
  • It is in order to enforce a law, collection in terms of SARS Act, a court order or in ‘interests of national security – one fears that certain institutions and government, given the hullabaloo around the recent secrecy act (Protection of State Information Act), could infringe or threaten the rights of the general public;
  • If compliance would prejudice a lawful purpose of the collection;
  • If compliance is not reasonably practicable in the circumstances – this exception may well also be open to abuse and one feels that there should be a heavy burden/onus on the party relying on this exception to prove the justification.

Disclaimer: This article is intended to provide a brief overview of legal matters pertaining to the travel and tourism industry and is not intended as legal advice. © Adv Louis Nel, BENCHMARK, August 2013.

Related Articles

Back to top button