#8 EMPLOYEES 5

As promised in the previous insert, I will now address the penalties that may be imposed for non-compliance.

POPI exposure has four aspects to it;

• Firstly there is the possibility of a fine for non-compliance which can be up R10 million.

• Secondly the aforesaid can go hand in hand with spending up to 10 years in jail.

• Thirdly there is the suggestion that Section 99 (1) has introduced (Over and above the absolute liability aspect**) ‘ .. a form of statutory vicarious liability for employers if employees breach POPI and as a consequence, a civil action (by a person whose privacy has been infringed upon through the unlawful, culpable processing of his or her personal information) for damages may be instituted against the responsible party [the employer] irrespective** of whether there is intent or negligence on the part of the responsible party (ENSafrica - By Era Gunning & Nicole Gabryk)

• Finally there is a possible impact on your brand for a breach of security which the Information Regulator may require you to make public, over and above having to advise the Data Subject.

© ADV LOUIS NEL Louis-THE-lawyer

DISCLAIMER - Each case depends on its own facts & merits - the above does not constitute advice - independent advice should be obtained in all instances

The recently introduced Cybercrimes Act imposes a duty on electronic communications service providers and financial institutions to report certain offenses within 72 hours. Failure to make the required report could lead to a fine on conviction of a maximum of ZAR50 000

However let’s not stick to our shores – if the business you conduct falls under the auspices of the European Community General Data Protection Regulations (2016/679 & Directive 395/46/EC)(‘GDPR’) the fines are materially higher i e the greater of 4% of the entity's global annual revenue or €20 million!

Let’s take a leaf out of the UK book - ‘80% of UK small businesses close after fines under their privacy laws’ https://petercarruthers.teachable.com/p/freetraining-popi-protection-personalinformation-act-small-business

Before I move on, the above is a very definite indication that proper & adequate insurance must be at the top of the ‘shopping list’!

My next issue & final insert on employees will deal with the POPI requirements for the WFH scenario.