The European Union’s General Data Protection Regulation (GDPR) and its Implications for South African Data Privacy Law: An Evaluation of Selected ‘Content Principles’

IF 0.1 Q4 LAW
Anneliese Roos
{"title":"The European Union’s General Data Protection Regulation (GDPR) and its Implications for South African Data Privacy Law: An Evaluation of Selected ‘Content Principles’","authors":"Anneliese Roos","doi":"10.25159/2522-3062/7985","DOIUrl":null,"url":null,"abstract":"After a lengthy legislative process, South Africa implemented the Protection of Personal Information Act 4 of 2013 (POPI Act) on 1 July 2020. The POPI Act is an omnibus data-protection Act that conforms to the former benchmark for data-protection laws worldwide, namely, the 1995 EU Data Protection Directive. At the time of drafting the proposed Bill that would later become the Act, the South African Law Reform Commission emphasised the importance of a South African data-protection Act that complies with international standards on data protection, especially with the EU’s Directive. The Directive, in Article 25, imposed a prohibition on the transfer of personal data to non-member countries that do not ensure an adequate level of protection when personal data of their citizens are processed. South Africa’s Act needed to comply with the standard set in the Directive for the protection of personal information if South Africa wanted to remain part of the international information technology market. In 2016, the EU adopted the General Data Protection Regulation (GDPR) that replaced the 1995 Directive with effect from May 2018. The question now arises whether the South African Act still meets the minimum standards for data protection set out by this Regulation and whether amendments to the Act are needed. This article compares certain provisions of the GDPR with similar provisions of the POPI Act in order to establish whether the South African Act meets the standard set in the GDPR.","PeriodicalId":29899,"journal":{"name":"Comparative and International Law Journal of Southern Africa-CILSA","volume":null,"pages":null},"PeriodicalIF":0.1000,"publicationDate":"2021-03-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Comparative and International Law Journal of Southern Africa-CILSA","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.25159/2522-3062/7985","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"LAW","Score":null,"Total":0}
引用次数: 5

Abstract

After a lengthy legislative process, South Africa implemented the Protection of Personal Information Act 4 of 2013 (POPI Act) on 1 July 2020. The POPI Act is an omnibus data-protection Act that conforms to the former benchmark for data-protection laws worldwide, namely, the 1995 EU Data Protection Directive. At the time of drafting the proposed Bill that would later become the Act, the South African Law Reform Commission emphasised the importance of a South African data-protection Act that complies with international standards on data protection, especially with the EU’s Directive. The Directive, in Article 25, imposed a prohibition on the transfer of personal data to non-member countries that do not ensure an adequate level of protection when personal data of their citizens are processed. South Africa’s Act needed to comply with the standard set in the Directive for the protection of personal information if South Africa wanted to remain part of the international information technology market. In 2016, the EU adopted the General Data Protection Regulation (GDPR) that replaced the 1995 Directive with effect from May 2018. The question now arises whether the South African Act still meets the minimum standards for data protection set out by this Regulation and whether amendments to the Act are needed. This article compares certain provisions of the GDPR with similar provisions of the POPI Act in order to establish whether the South African Act meets the standard set in the GDPR.
欧盟的通用数据保护条例(GDPR)及其对南非数据隐私法的影响:对选定的“内容原则”的评估
经过漫长的立法程序,南非于2020年7月1日实施了2013年第4号《个人信息保护法》。POPI法案是一项综合性数据保护法案,符合全球数据保护法律的前基准,即1995年欧盟数据保护指令。在起草后来成为该法案的拟议法案时,南非法律改革委员会强调了符合数据保护国际标准,特别是欧盟指令的南非数据保护法案的重要性。该指令在第25条中规定,禁止向非成员国转移个人数据,因为这些国家在处理其公民的个人数据时没有确保足够的保护水平。如果南非想继续成为国际信息技术市场的一部分,南非的法案就需要遵守《个人信息保护指令》中设定的标准。2016年,欧盟通过了《通用数据保护条例》(GDPR),取代了自2018年5月起生效的1995年指令。现在的问题是,《南非法案》是否仍然符合本条例规定的数据保护最低标准,以及是否需要对该法案进行修订。本文将《通用数据保护条例》的某些条款与《持久性有机污染物法》的类似条款进行了比较,以确定《南非法》是否符合《通用数据管理条例》中设定的标准。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
10
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信