Privacy and Protection of Personal Information law seminarPresentation Transcript
Be aware of the Privacy and Protection of Personal Information (PPI) laws that apply to your organisation John Giles ICT lawyer email@example.com 083 322 2445 t. 086 011 1245 skype. johngiles www.OnlineLegal.co.za www.MichalsonsAttorneys.com
The goal today
What must your organisation comply with? “the board should ensure that the company complies with IT laws and that IT related rules, codes and standards are considered.“
Ignorance of the law is no excuse You should have a working understanding of the effect of the applicable laws, rules, codes and standards on the company and its business. The induction and ongoing training programmes should incorporate an overview of and any changes to applicable laws, rules, codes and standards. You should sufficiently familiariseyourself with the general content of applicable laws, rules, codes and standards to discharge your legal duties. You should understand the context of the law, and how other applicable laws interact with it.
Who needs to be aware? CAE CRO Legal CO CIO
The benefits of being aware?
FinlandPersonal DP Act In force 1 June 1999 NorwayPersonal D Reg Act In force 14 April 2000 DenmarkAct on Processing f PD In force 1 July 2000 SwedenPersonal Data Act In force 24 October 1998 Ireland*- Bill to be approved BelgiumData Protection Act In force 1 Sep 2001 United KingdomData ProtectionAct In force 1 March 2000 Germany*- Bill to be approved Luxembourg* - Bill to be approved AustriaData Protection Act In force 1 January 2000 NetherlandsPersonal DP Act In force June 2001 CanadaPIP&ED Act Commenced 1 Jan 2001 ItalyData Protection Act In force 8 May 2000 MexicoeCommerce Act In force 7 June 2000 France*- Bill to be approved United States (Federal)CPP Act 1984 VPP Act 1988 COPP Act 1998 In force 21 April 2000 HIPA Act In force 14 April 2001 GLB Act In force 1 July 2001 ‘General’ Act In consideration SpainData Protection Act In force 14 January 2000 AustraliaPrivacy Act In force 21 Dec 2001 Hong KongPersonal Data (Privacy) In force 20 Dec 1996 GreeceProtection Processing PD In force 10 April 1997 New ZealandPrivacy Act In force 1 July 1993 PortugalPersonal DP Act In force 27 October 1998 TaiwanComputer Processed DP In force 11 August 1995 South KoreaeCommerce Act In force January 1999 Eastern EuropeEstonia(96) Poland (98)Solovak (98) Slovenia(99) Hungary (99)Czech(00) Latvia(00) Lithuania (00) SwitzerlandData Protection Act In force 1 June 1999 Global PerspectiveNational Private Sector Privacy Protection SOUTH AFRICA?
An Information System
Section 14(d) of the Constitution “14. Everyone has the right to privacy, which includes the right not to have- (d) the privacy of their communications infringed.”… Limitations
Common lawChildren’s ActCustoms and Excise Act
National Credit Act Confidential Information section 1 ‘personal information that belongs to a person and is not generally available to or known by others’ Section 68 Still stands – not repealed by PPI Bill