Birthday parties, valid consent and how not to break POPIA law

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
12,908
Lol. You do know what a Public Body is, right? You do realize it is not a private company, but rather an institution formed by the State? And therefore that Section 38 would apply to things like the SIU.

Section 38 Exemption in respect of certain functions:​

@rvZA ‘‘person’’ means a natural person or a juristic person;
@Thor like I said.
 

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
@rvZA ‘‘person’’ means a natural person or a juristic person;
@Thor like I said.

Never look at a sentence and think you are right. Go read up on Section 38 and see who it applies to. Also read the information note by the Information Regulator on Section 38 exemption.

You also do realize that South Africa do not have a single law that mandates a private security company to investigate any crime or perform any security on its behalf, right? This would mean that Section 38 does not apply to them.
 

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
12,908
Never look at a sentence and think you are right. Go read up on Section 38 and see who it applies to. Also read the information note by the Information Regulator on Section 38 exemption.

You also do realize that South Africa do not have a single law that mandates a private security company to investigate any crime or perform any security on its behalf, right? This would mean that Section 38 does not apply to them.
Vuma is not a security company, they might assist a security company(or SAPS) in the same way they would an insurance company(financial loss).

The people that reside in those areas know already, that’s a non-issue. If you don’t stay there, you need justification for your privacy in a public space.
Just like we never saw any people in court for denying outsiders access without good reason.

Violation of POPI has to be reported by the person affected, the government is not chasing anyone but instead of me being able to do nothing (justice costs money) or the company not caring about a data leak, then the regulator steps in.
 
Last edited:

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
Vuma is not a security company, they might assist a security company(or SAPS) in the same way they would an insurance company(financial loss).

Then there is no law or legal duty as required by the Act. So, POPI would apply to them and they would need to comply by it. Although they could still continue to monitor there would be many provisions they would need to comply with.

As rightfully said by themselves:

This does not mean that CCTV surveillance is unlawful or prohibited. However, it does mean that Vumacam must comply with the provisions of POPI.


Unfortunately they would not be exempted from the POPI act, especially not interms of Section 38.
 

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
12,908
Then there is no law or legal duty as required by the Act. So, POPI would apply to them and they would need to comply by it. Although they could still continue to monitor there would be many provisions they would need to comply with.

As rightfully said by themselves:




Unfortunately they would not be exempted from the POPI act, especially not interms of Section 38.
They’re not exempted from the entire act, but they could be exempted from sections based on what’s defined in section 38.

That’s why I said, it’s like a framework not rigid in terms of do and don’t.
If you’re GDPR compliant as it’s much stricter then you’d be POPI compliant generally.
 

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
They’re not exempted from the entire act, but they could be exempted from sections based on what’s defined in section 38.

That’s why I said, it’s like a framework not rigid in terms of do and don’t.
If you’re GDPR compliant as it’s much stricter then you’d be POPI compliant generally.

Unless they are either registered as a public body or there is a specific law which imposes such duty on them, they cannot claim any exemption, whatsoever, under Section 38. That is that. They need to be fully compliant with the POPI Act.

Remember, POPI Act does not outlaw marketing, processing of information, gathering information, taking photographs, or whatever. It merely regulates how the information is processed and what a company or public body does with that information and it places a duty on them to protect the data.

So, they can continue monitoring, but they will not get any Section 38 exemption.

At the end of the day, how the regulator will play this out, is once someone complains that they are in breach of POPI, they will investigate and Vuma will need to prove to them that they acted within the confines of the act. If they are unable to do so, they will simply be dragged infront of the High Court and a judge will make a ruling.

Much of POPI will still play out in courts.
 

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
12,908
Unless they are either registered as a public body or there is a specific law which imposes such duty on them, they cannot claim any exemption, whatsoever, under Section 38. That is that. They need to be fully compliant with the POPI Act.

Remember, POPI Act does not outlaw marketing, processing of information, gathering information, taking photographs, or whatever. It merely regulates how the information is processed and what a company or public body does with that information and it places a duty on them to protect the data.

So, they can continue monitoring, but they will not get any Section 38 exemption.
Like I said precedence set in court, a request from the SIU or Hawks changes the dynamics.
Data can be reprocessed on request.
 

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
Like I said precedence set in court, a request from the SIU or Hawks changes the dynamics.

It would indeed, but that would not require 24-hour monitoring infitely. No court would ever grant such order, nor would any such institution have the right to request it. Again, as with any other normal company, they will need to ensure that they remain compliant with the Act.
 

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
12,908
It would indeed, but that would not require 24-hour monitoring infitely. No court would ever grant such order, nor would any such institution have the right to request it. Again, as with any other normal company, they will need to ensure that they remain compliant with the Act.
Like I said data can be reprocessed.
It’s not part of standard business operation.
lol if you think such things don’t happen…
 

Mekon

Expert Member
Joined
Oct 12, 2010
Messages
2,615
Yes, this does not only apply to normal birthday parties. This affects any person taking a photograph anywhere, in public or not. No person can publish such photograph anywhere without first obtaining permission from every person in that photograph.
People taking ariel photographs of looters are going to have their work cut out for them...
 

garp

Executive Member
Joined
Aug 2, 2004
Messages
9,016
I have no issue with the intention of an act to prevent the abuse of personal information. I have immense issue with legislation that is so loosely or poorly drafted that it will require its citizenry to be cannon fodder in the legal system just so that we can get precedent on every practical aspect of the law.

There should be an amendment to the constitution that says that any new legislation is automatically invalidated if more than x number of court cases arise to resolve its implementation within 2 yrs of its promulgation. This would force lawmakers to get their act together.
 

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
People taking ariel photographs of looters are going to have their work cut out for them...

Anyone can still basically take photographs, even businesses, as long as it is used for pure personal reasons. But, you are right if their intention is to publish the photographs or images anywhere or sell it. The best solution would be to do what Google does on their street view... blur out all personal identifiable information, including faces.
 

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
I have no issue with the intention of an act to prevent the abuse of personal information. I have immense issue with legislation that is so loosely or poorly drafted that it will require its citizenry to be cannon fodder in the legal system just so that we can get precedent on every practical aspect of the law.

There should be an amendment to the constitution that says that any new legislation is automatically invalidated if more than x number of court cases arise to resolve its implementation within 2 yrs of its promulgation. This would force lawmakers to get their act together.

Agreed, the knowledge and experience among our lawmakers actually require something like this. POPI Act is one of the latest acts that prove this.
 

ForceFate

Honorary Master
Joined
May 18, 2009
Messages
31,071
And, before you continue to spread your fake news about POPI not being law but rather a guideline and people can post CCTV footage without permission and you get a lot of people into legal trouble:




This is how POPI is currently written. Until such time we get more cases into the Constitutional court, this is the law and you could get a big hiding.

The South African POPI Act is one of the world's worst written laws in the world. It makes no sense and gives no proper guidelines. Unfortunately, this is nothing our lawmakers or the IR can fix and the courts will deal with it over the next few decades.
You're the one spreading fake news rvZA. Look at the extract you posted and highlighted. Then read the paragraph below it.

"There has been a fair amount of panic around POPI, due to the fact that it is possible to argue that video surveillance is essentially creating a record of an individual's unique identifier: their face," says Laurence Smith, Executive at Graphic Image Technologies. "As a result, people are worried that this would mean, for example, if they'd been a victim of crime in a shopping centre, POPI would prevent them from obtaining the CCTV footage to ascertain the identity of the perpetrator," Smith explains.

"This is not necessarily the case," explains Alan Alhadeff, Director and Attorney at Alhadeff Attorneys. "The POPI Act is concerned with transparency and accountability in how an individual's personal data can be used, and who can access that data." Alhadeff makes it clear by stating that while the Act gives individuals rights over their personal information (including the right to request access to that information and to have that information removed and destroyed), that right is not directly affected by CCTV surveillance operations.
 

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
You're the one spreading fake news rvZA. Look at the extract you posted and highlighted. Then read the paragraph below it.

I know you are not one who likes reading Force, but did you read the last section?

So, what impact is POPI likely to have on security surveillance?

Every conversation around POPI at this point is speculative, until we know what the Information Regulator looks like and how it will enforce the Act.
"Right now, we're advising our clients to examine how the Act's requirements will affect their CCTV operations, from a practical perspective," Smith says, "since responsible parties as defined by the Act will have one year's grace to achieve compliance."

This is the reason why we need measures in place to override lawmakers. They simply cannot formulate proper laws and cause more confusion among the legal fraternity and public than what they are doing good. This whole POPI Act is still subject to Constitutional court scrutiny. Unfortunately, it will not be one case for the whole act, but rather thousands of cases that will deal with various sections of the act.
 

ForceFate

Honorary Master
Joined
May 18, 2009
Messages
31,071
I know you are not one who likes reading Force, but did you read the last section?



This is the reason why we need measures in place to override lawmakers. They simply cannot formulate proper laws and cause more confusion among the legal fraternity and public than what they are doing good. This whole POPI Act is still subject to Constitutional court scrutiny. Unfortunately, it will not be one case for the whole act, but rather thousands of cases that will deal with various sections of the act.
From your quote...
Every conversation around POPI at this point is speculative, until we know what the Information Regulator looks like and how it will enforce the Act.
Yet, your posts suggest otherwise.
 
Last edited:

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
From your quote...

Yet, your posts suggest otherwise.

My post, according to you, suggest otherwise because dumb lawmakers (who should be writing grade 7 exams are told to write laws and the POPI Act is the result) have written an act that could be interpreted in two different ways. Many lawyers do not agree with each other on the various aspects of the act. Some interpret in one way and others the other way. There is no clear clarity. Hence the reason both ways are speculative. The Regulator could enforce it one way or the other. They cannot enforce it both ways.
 

nightjar

Executive Member
Joined
Aug 2, 2008
Messages
5,484
"..... "We have to believe in the judicial process," Alhadeff maintains, .....

I love his fantasy about believing in the judicial process.
Even the uneducated voters know how useless the judicial system is, which explains the frequency of mob killings.
Of course, when people believe in the judicial process, the lawyers laugh all the way to the bank.
 

rvZA

Executive Member
Joined
Jan 3, 2021
Messages
5,159
I love his fantasy about believing in the judicial process.
Even the uneducated voters know how useless the judicial system is, which explains the frequency of mob killings.
Of course, when people believe in the judicial process, the lawyers laugh all the way to the bank.

Absolutely!
 
Top