This document discusses key principles of data protection from South Africa's Protection of Personal Information Act (POPI), including lawful processing of personal information, consent requirements, and security safeguards. It emphasizes the responsibilities of data controllers and operators to protect personal data through transparency, proper purpose and retention of data, compliance with privacy policies, and implementing security measures. The document provides examples and guidance on how organizations can achieve POPI compliance.
The Privacy Law Landscape: Issues for the research communityARDC
Presentation by Anna Johnston of Salinger Privacy to ARDC's 'GDPR and NDB scheme: Intersection with the Australian research sector' webinar on 13 September 2018
European Data Protection, the Right to be Forgotten and Search EnginesDavid Erdos
Provides background and explores the interpretation and enforcement of search engines' obligations under European data protection almost four years on from Google Spain (2014) and on the cusp of the new GDPR era. Focuses on four ongoing controversies: (i) the scope of such responsibilities under DP, (ii) the regulation of sensitive persona data, (iii) the legitimacy of webmaster notification and (iv) the geographical scope of action required.
The Privacy Law Landscape: Issues for the research communityARDC
Presentation by Anna Johnston of Salinger Privacy to ARDC's 'GDPR and NDB scheme: Intersection with the Australian research sector' webinar on 13 September 2018
European Data Protection, the Right to be Forgotten and Search EnginesDavid Erdos
Provides background and explores the interpretation and enforcement of search engines' obligations under European data protection almost four years on from Google Spain (2014) and on the cusp of the new GDPR era. Focuses on four ongoing controversies: (i) the scope of such responsibilities under DP, (ii) the regulation of sensitive persona data, (iii) the legitimacy of webmaster notification and (iv) the geographical scope of action required.
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
Webinar: An EU regulation affecting companies worldwide - GDPRpanagenda
Webinar recording: http://pan.news/lpL030kab92
Abstract: Do you work internationally? Do you have or are you planning to have employees and customers in the European Union? Then you are also affected by the European Union's "General Data Protection Regulation" (GDPR) coming into force on May 25th, 2018. It is the most influential change in the area of privacy and data protection in European history.
In this webinar, we want to summarize the most important legislative changes. We will also show you how our solutions help IBM Domino customers to meet their documentation obligations and regulatory requirements.
Introduction to EU General Data Protection Regulation: Planning, Implementati...Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data.The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-eu-general-data-protection-regulation-planning-implementation-and-compliance-2021/
GDPR Is Coming – Are Search Marketers Ready?MediaPost
The EU’s General Data Protection Regulation (GDPR) is the most significant change to consumer privacy laws in decades and the enforcement date is approximately 1 month away. The standards for data collection and use in the EU will significantly differ from those in the United States. This session will breakdown the differences and discuss methods for compliance going forward.
PRESENTER
Gary Kibel, Partner, Davis & Gilbert LLP @GaryKibel
Ovations Group - Introducing the Protection of Personal Information (PoPI) ac...OvationsGroup
Ovations Group is ideally positioned to help South African companies implement processes and best practices to ensure compliance with the Protection of Personal Information (PoPI) act.
This presentation outlines the fundamentals of the act and explains how the Ovations Group can assist companies in avoiding the pitfalls PoPI presents.
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
Webinar: An EU regulation affecting companies worldwide - GDPRpanagenda
Webinar recording: http://pan.news/lpL030kab92
Abstract: Do you work internationally? Do you have or are you planning to have employees and customers in the European Union? Then you are also affected by the European Union's "General Data Protection Regulation" (GDPR) coming into force on May 25th, 2018. It is the most influential change in the area of privacy and data protection in European history.
In this webinar, we want to summarize the most important legislative changes. We will also show you how our solutions help IBM Domino customers to meet their documentation obligations and regulatory requirements.
Introduction to EU General Data Protection Regulation: Planning, Implementati...Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data.The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-eu-general-data-protection-regulation-planning-implementation-and-compliance-2021/
GDPR Is Coming – Are Search Marketers Ready?MediaPost
The EU’s General Data Protection Regulation (GDPR) is the most significant change to consumer privacy laws in decades and the enforcement date is approximately 1 month away. The standards for data collection and use in the EU will significantly differ from those in the United States. This session will breakdown the differences and discuss methods for compliance going forward.
PRESENTER
Gary Kibel, Partner, Davis & Gilbert LLP @GaryKibel
Ovations Group - Introducing the Protection of Personal Information (PoPI) ac...OvationsGroup
Ovations Group is ideally positioned to help South African companies implement processes and best practices to ensure compliance with the Protection of Personal Information (PoPI) act.
This presentation outlines the fundamentals of the act and explains how the Ovations Group can assist companies in avoiding the pitfalls PoPI presents.
In this session, see Google Web Toolkit used in exotic and creative ways to solve interesting engineering problems, from authoring OpenSocial apps that run as both Web gadgets and native Android applications, to developing Adobe AIR applications using GWT, compiling CSS selectors to Javascript at compile time, running multithreaded code with GWT and Gears workers, or exporting GWT libraries for JavaScript users. Learn the secrets of writing "faster than possible" GWT code, how to use Generators and Linkers in harmony, and make seamless procedure calls from GWT code to other environments like Flash, Gears, or Android.
2014-04-16 Protection of Personal Information Act Readiness WorkshopPaul Jacobson
These are my slides for my presentation at the Protection of Personal Information Act Readiness Workshop at the OR Tambo Protea Hotel on 16 April 2014. My focus was on understanding data processing constraints; identifying key risk areas and the benefits of better data protection frameworks.
Key Issues on the new General Data Protection RegulationOlivier Vandeputte
The General Data Protection Regulation is one of the most wide ranging pieces of legislation passed by the EU in recent years. The GDPR comes into effect on 25 May 2018. The new framework is ambitious, complex and strict. It presents any organization that has so far failed to begin preparations with a steep challenge to become GDPR compliant in time.
We have summarized the key issues in our GDPR brochure.
This presentation covers what you as a business owner need to do in order to be ready and compliant for GDPR. It shows you all of the different lawful basis that you can use for processing personal data, so that you do not have to rely on consent.
So You Want to Protect Privacy: Now What?Stuart Bailey
Protecting privacy is more than just stating principles; compliance means being able to demonstrate how everyday practices affect the ability to comply with abstract principles and interests. A short discussion on how managing information helps demonstrate compliance.
Data Protection and Academic Research: The New GDPR FrameworkDavid Erdos
These slides provide an overview of the new data protection framework for academic research under the GDPR, situating this within the broader context of ethical review. After outlining the broad scope and default duties of the GDPR, the slides look at the critical issue of distinguishing processing for “academic purposes” - common in humanities and social studies – from processing only for “research” – common in the biomedical and other “hard” sciences. Whilst the former is subject to wide and liberal derogations akin to journalism, the latter is subject to mandatory safeguards and limited (and often further safeguarded) derogations. The implications of all this for ensuring lawful processing is outlined focusing on purposes specification, transparency, legal vires, data export and discipline duties as regards processors and co-controllers. It is finally noted that article 23 of the GDPR could permit further flexibility in future through secondary legislation.
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...Harrison Clark Rickerbys
Slideshow from GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Directors, IT Directors & Ops Directors, on 7th March 2018 at Hilton Puckrup Hall
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
No matter what kind of law practice you have, you need to comply with privacy laws generally and lawyers' ethical duties with respect to privacy, specifically. In this presentation, legal ethics counsel Sarah Banola (Cooper, White and Cooper, LLP) and employment and privacy attorney Diana Maier (Law Offices of Diana Maier) deliver a primer on privacy law and teach you the key areas of privacy law and associated ethical obligations.
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal
Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological
Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in
India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and
Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
I presented at an event to promote the PaperFreeWeb movement and spoke about paper-less workflows and some of the legal issues to bear in mind when shifting to a digital workflow.
Why transparency is so important - my presentation at the 2014 SA Privacy Man...Paul Jacobson
I presented at the SA Privacy Management Summit on 4 March 2014. I discussed themes relating to responsible data protection practices and focused on why transparency is so important and how it helps companies earn data subjects' trust.
I was invited to present at the 2014 Photo and Film Expo and spoke about copyright and a couple related themes to a terrific audience comprising a number of professional photographers.
2013 05-29 Advertising and Marketing Law PresentationPaul Jacobson
I presented at this terrific conference about social media and the law. I touched on a couple themes including copyright, online reputation and privacy. I took a new approach (for me, at least) and used my diabetes as an analogy for how non-lawyers tend to approach Legal.
2013 03-06 ITWeb GRC presentation on reputation managementPaul Jacobson
These are my slides for my presentation at the ITWeb GRC conference on 6 March 2013 on reputation as a corporate governance issue from the perspective of the social Web.
I am presenting at the POPI Becomes Law briefing and will talk about the social Web and social marketing aspects of the anticipated Protection of Personal Information Act.
Social media: Legal and business challengesPaul Jacobson
This is a presentation for the IT Governance Forum which ran between 24 and 27 November 2009. My goal was to highlight concrete risks that social media poses and some of the ways to address those risks.
Marketing on the social Web - Marketing Legislation ConferencePaul Jacobson
I gave this presentation at the Marketing Legislation Conference in Rosebank on 29 July 2009. It addresses some of the issues marketers should be aware of when marketing on the social Web.
This is an update to my presentation on legal issues arising out of new media. I will present this version at a series of breakfast talks hosted by Quirk.biz
This is a presentation I am giving at the moment (circa April 2008) about new media and the law. It is an expanded version of a presentation I uploaded recently and which I attempted to replace.
Legal Aspects Of New Media 2nd Annual New MediaPaul Jacobson
This is my presentation which I will be giving on 27 March 2008 at the 2nd Annual New Media Marketing Conference at Gallagher Estate, Midrand, South Africa
A "File Trademark" is a legal term referring to the registration of a unique symbol, logo, or name used to identify and distinguish products or services. This process provides legal protection, granting exclusive rights to the trademark owner, and helps prevent unauthorized use by competitors.
Visit Now: https://www.tumblr.com/trademark-quick/751620857551634432/ensure-legal-protection-file-your-trademark-with?source=share
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxanvithaav
These slides helps the student of international law to understand what is the nature of international law? and how international law was originated and developed?.
The slides was well structured along with the highlighted points for better understanding .
How to Obtain Permanent Residency in the NetherlandsBridgeWest.eu
You can rely on our assistance if you are ready to apply for permanent residency. Find out more at: https://immigration-netherlands.com/obtain-a-permanent-residence-permit-in-the-netherlands/.
In 2020, the Ministry of Home Affairs established a committee led by Prof. (Dr.) Ranbir Singh, former Vice Chancellor of National Law University (NLU), Delhi. This committee was tasked with reviewing the three codes of criminal law. The primary objective of the committee was to propose comprehensive reforms to the country’s criminal laws in a manner that is both principled and effective.
The committee’s focus was on ensuring the safety and security of individuals, communities, and the nation as a whole. Throughout its deliberations, the committee aimed to uphold constitutional values such as justice, dignity, and the intrinsic value of each individual. Their goal was to recommend amendments to the criminal laws that align with these values and priorities.
Subsequently, in February, the committee successfully submitted its recommendations regarding amendments to the criminal law. These recommendations are intended to serve as a foundation for enhancing the current legal framework, promoting safety and security, and upholding the constitutional principles of justice, dignity, and the inherent worth of every individual.
Military Commissions details LtCol Thomas Jasper as Detailed Defense CounselThomas (Tom) Jasper
Military Commissions Trial Judiciary, Guantanamo Bay, Cuba. Notice of the Chief Defense Counsel's detailing of LtCol Thomas F. Jasper, Jr. USMC, as Detailed Defense Counsel for Abd Al Hadi Al-Iraqi on 6 August 2014 in the case of United States v. Hadi al Iraqi (10026)
9. “The very practice of privacy is all about control in a world in which we
fully know that we never have control. Our friends might betray us, our
spaces might be surveilled, our expectations might be shattered. But this
is why achieving privacy is desirable. People want to be *in* public, but
that doesn’t necessarily mean that they want to *be* public. There’s a
huge difference between the two. As a result of the destabilization of
social spaces, what’s shocking is how frequently teens have shifted from
trying to restrict access to content to trying to restrict access to meaning.
They get, at a gut level, that they can’t have control over who sees
what’s said, but they hope to instead have control over how that
information is interpreted. And thus, we see our collective imagination
of what’s private colliding smack into the notion of public. They are less
of a continuum and more of an entwined hairball, reshaping and
influencing each other in significant ways.”
– danah boyd writing in her article “What is Privacy?”
11. “… it seems to be a sensible approach to say that the scope of
a person’s privacy extends a fortiori only to those aspects in
regard to which a legitimate expectation of privacy can be
harboured.”
– Bernstein and Others v Bester NO and Others
13. ‘‘consent’’ means any voluntary, specific and informed
expression of will in terms of which permission is given for
the processing of personal information
18. “The processing is necessary for the purposes of legitimate
interests pursued by the data controller or by the third party
or parties to whom the data are disclosed, except where the
processing is unwarranted in any particular case by reason of
prejudice to the rights and freedoms or legitimate interests of
the data subject.”
– Section 6, Schedule 2, UK Data Protection Act
19. Still, the “Lawful processing of personal information
conditions” provide broad parameters and context for
“legitimate interests” arguments …
21. ✤ Children’s personal information!
✤ Religious or philosophical beliefs*!
✤ Race or ethnic origin!
✤ Trade union membership*!
✤ Political persuasion!
✤ Health or sex life!
✤ Criminal behaviour or biometric information
23. ‘‘child’’ means a natural person under the age of 18 years who is not
legally competent, without the assistance of a competent person, to
take any action or decision in respect of any matter concerning him-or
herself;
30. Privacy statement essentials
✤ What personal information do you collect?!
✤ What do you do with that personal information?!
✤ When may the personal information be disclosed and to
whom?!
✤ How long do you retain personal information, where do you
retain it and what are your safeguards?!
✤ How may a data subject interrogate your databases?
33. “A responsible party must take reasonably practicable steps
to ensure that the personal information is complete, accurate,
not misleading and updated where necessary.”
– Section 16, the Protection of Personal Information Act
34. Do you facilitate meaningful access to
personal information you hold?
38. “Personal information may only be processed if, given the
purpose for which it is processed, it is adequate, relevant
and not excessive.”
– Section 10, the Protection of Personal Information Act
39. Purpose specification
“Personal information must be collected for a specific, explicitly
defined and lawful purpose related to a function or activity of
the responsible party”
Be transparent about the purpose
46. “… records of personal information must not be retained any
longer than is necessary for achieving the purpose for which
the information was collected or subsequently processed …”
– Section 13, Protection of Personal Information Act
47. Don’t lose sight of the bigger data
retention compliance picture
Electronic Communications
and Transactions Act
Protection of Personal
Information Act
Everything else
49. “A responsible party must secure the integrity and
confidentiality of personal information in its possession or
under its control by taking appropriate, reasonable
technical and organisational measures …”
– Section 19, Protection of Personal Information Act
52. “A responsible party must, in terms of a written contract
between the responsible party and the operator, ensure that
the operator which processes personal information for the
responsible party establishes and maintains the security
measures referred to in section 19 …”
– Section 21, Protection of Personal Information Act
54. Helpful questions
How do you process personal information?
Are you the responsible party or the operator?
Is your reputation at risk and what could go wrong?
64. Paul Jacobson 083 444 8260
webtechlaw.com/contact
Thank you for your time.
Please feel free to contact me if we can assist you or answer questions.