The Information Regulator has established an Enforcement Committee to tackle matters related to the Protection of Personal Information Act (POPIA) and the Promotion of Access to Information Act (PAIA).
The Enforcement Committee, chaired by Advocate Helen Fourie, with Simonè Margadie as alternative chairperson, comprises 14 independent experts from a wide array of professional backgrounds such as law, information security, education, finance accounting, auditing, actuarial science, forensics and criminal investigations.
“Section 93 of POPIA provides that the Enforcement Committee must consider all matters referred to it by the Regulator regarding a complaint, an investigation of a complaint, a finding in respect of the complaint, and as referred to in section 92 of POPIA, other matters or a recommendation in respect of the proposed action to be taken by the Regulator,” the Information Regulator said in a statement on Thursday.
The matters to be referred to the Enforcement Committee also include any matter regarding a complaint in terms of PAIA.
The Enforcement Committee is required to make findings in respect of matters referred to it and may make any recommendation to the Regulator necessary or incidental to any action that should be taken against a responsible party in terms of POPIA or an information officer or head of a private body in terms PAIA.
“The inauguration of the Enforcement Committee is a historic moment for the Regulator,” said Information Regulator chairperson Advocate Pansy Tlakula at the induction session for the Enforcement Committee on July 22.
“For the first time since its establishment in 2016, the Regulator will be able to enforce its powers and provide an effective remedy to the complainants whose right to privacy and the right of access to information have been infringed.”
The establishment of the Enforcement Committee is a shot in the arm to the Regulator's efforts aimed at confronting the increasing volume of complaints by the public regarding the processing of their personal information by responsible parties or the denial of access to information by public or private bodies.
In the 12 months since the enforcement powers of the Regulator came into force, 150 access to information complaints and 544 protection of personal information complaints have been submitted to the Regulator.
The Enforcement Committee will play a critical role in resolving some of these cases if they are not resolved at the earlier phases of the case management processes, such as the pre-investigation, investigation and mediation phases.