Fwd: South Africa Passes Comprehensive Personal Data Protection Legislation

(Moving public-tracking to BCC and forwarding to public-privacy. We welcome discussion of relevant topics like potential regulations that might affect online privacy on the wider public-privacy mailing list; the public-tracking mailing list is specifically for work on Tracking Protection Working Group deliverables.)
—Nick

Begin forwarded message:

> Resent-From: public-tracking@w3.org
> From: Peter Cranstone <peter.cranstone@3pmobile.com>
> Subject: South Africa Passes Comprehensive Personal Data Protection Legislation
> Date: September 2, 2013 2:35:39 PM PDT
> To: "public-tracking@w3.org" <public-tracking@w3.org>
> 
> Looks like it's regulation time for Privacy. 'Where' is now on the same level of importance as 'What' you know about me.
> 
> http://www.huntonprivacyblog.com/2013/08/articles/south-africa-passes-comprehensive-personal-data-protection-legislation/
> 
> [snip]
>  
> OFFENCES AND PENALTIES - Jail time is now possible.
>  
> Obstruction of Regulator
>  
> 95. Any person who hinders, obstructs or unlawfully influences the Regulator or any
> person acting on behalf of or under the direction of the Regulator in the performance of
> the Regulator’s duties and functions under this Act, is guilty of an offence.
>  
> Penal sanctions
>  
> 99. Any person convicted of an offence in terms of this Act, is liable—
> (a) in the case of a contravention of section 95, to a fine or to imprisonment for a
> period not exceeding 10 years, or to both a fine and imprisonment; or
> (b) in any other case, to a fine or to imprisonment for a period not exceeding 12
> months, or to both a fine and imprisonment.
>  
> [/snip]
>  
> 
> The actual legislation waiting (like California AB 370)
> 
> http://www.huntonprivacyblog.com/wp-content/uploads/2013/08/B9-2009_ProtectionofPersonalInformation.pdf
> 
> 
> ANYONE in South Africa now has the RIGHT to know EXACTLY what information
> ANYONE / ANYWHERE has 'collected' about them...
>  
> [snip]
>  
> Access to personal information
>  
> 22. (1) A data subject, having provided adequate proof of identity, has the right to—
> (a) request a responsible party to confirm, free of charge, whether or not the
> responsible party holds personal information about the data subject; and
> (b) request from a responsible party a description of the personal information
> about the data subject held by the responsible party, including information
> about the identity of all third parties, or categories of third parties, who have,
> or have had, access to the information—
> (i) within a reasonable time;
> (ii) at a prescribed fee, if any, that is not excessive;
> (iii) in a reasonable manner and format; and
> (iv) in a form that is generally understandable.
>  
> [/snip]
> 
> 
> 
> Peter
> _________________________
> Peter J. Cranstone
> CEO.  3PMobile
> Boulder, CO  USA
> 
> 
> Improving the Mobile Web Experience
> 
> Cell: 720.663.1752
> Web site: www.3pmobile.com

Received on Monday, 2 September 2013 22:13:42 UTC