The Information Regulator recently published its Guidance Note on Direct Marketing (“Guidance Note”), providing clarity on how personal information can be lawfully processed under the Protection of Personal Information Act (“POPIA”). The Guidance Note offers actionable steps for organizations to align their marketing practices with these principles, fostering responsible marketing that complies with both the

South Africa’s Protection of Personal Information Act (“POPIA”) imposes strict requirements on processing personal information, especially that of children. Under South African law, a child is a natural person under the age of 18. Recent enforcement action against the Department of Basic Education (“DBE’) highlights the importance of obtaining parental consent and using privacy-respecting methods

What has happened?

The African Continental Free Trade Area (“AfCFTA”) has emerged as a pivotal opportunity that will set the framework for future trade across Africa. Amid the prospects, one of the challenges has been the fragmented and diverse regulatory environment, coupled with regulators adopting policies that are not conducive for multinationals to make investments

The African Growth and Opportunity Act (AGOA) has served as the cornerstone of the U.S.-Africa commercial relationship for more than two decades but it is set to expire on September 30, 2025. While the legislation’s unilateral trade preferences have provided economic benefits for countries across sub-Saharan Africa, AGOA as a whole remains underutilized. To ensure

If there is a silver lining to most crises, the accelerated move toward digitized commerce globally and in Africa may be one positive outcome of the COVID-enforced lockdown. It is welcome news there that the South African Minister of Communications and Digital Technologies (“Minister”) published the Draft National Data and Cloud Policy (in Government Gazette

Our Africa Anti-Corruption Practice has previously outlined key considerations for handling internal investigations and remediation of compliance issues in Africa.  Here, we take a closer look at a particular aspect of remediation, the root cause analysis.  After the dust settles on an investigation identifying misconduct, a root cause analysis can serve as the most effective

In Episode 12 of our Inside Privacy Audiocast, together with special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa, we discussed the Information Regulator’s mandate, and the implementation of data protection legislation in South Africa.  Now, with less than a month to go before South Africa’s Protection of Personal Information Act,

A growing number of African countries have begun to ease COVID-19 related regulatory restrictions. Some countries, such as Kenya, Rwanda, and Senegal resumed international flights in August, while other countries like South Africa and Nigeria are only now opening their borders. For a continent that slipped into recession for the first time in a quarter

On June 22, 2020, the South African President announced that certain provisions of POPIA would take effect on July 1, provisions which most regard as essential to the statute, such as those imposing conditions on the lawful processing of personal information, procedures for handling complaints, and general enforcement provisions. Only days later, the South African