Funds Approved for Establishment of Privacy Regulator
The Deputy Minister said:
In a conversation with the writer prior to the announcement, the Deputy Minister advised that advertising for the appointment of senior posts will be placed in the near future and office is likely to be established before the end of this year. The Deputy Minister must be commended for personally intervening to facilitate the agreement with Treasury in this regard.
This will pave the way for the State President to proclaim the commencement of the operative provisions of the Protection of Personal Information Act as soon as the Regulator is operationally able to fulfil its functions.
This development must be welcomed as, despite the constitutional imperative of protecting the privacy of citizens, South Africa has fallen some 30 years behind many democratic countries in controlling persons who have taken advantage of the lack of regulation in an unbridled abuse of personal information. The failure to require statutory protection of personal information has also led to South Africa being a vulnerable and easy target for organised crime.
A factor which until recently seems to have escaped, or been rather foolishly ignored, by government is that every credible Cybersecurity Framework globally recognises the absolute necessity for the establishment of the checks and balances provided by good privacy legislation and regulation, to the powers that need to be granted to law enforcement agencies. This has been emphasised by the Snowden revelations and the political and commercial fallout that these have caused, resulting in renewed emphasis being given to Privacy globally as the most important area of emerging jurisprudence in defining the parameters of our information society and economy.
Against this background the appointments to the Regulator will be followed with interest. Independence is an absolute pre-requisite and the Regulator must be allowed to as quickly as possible commence performing the duties required in the Act, without “fear or favour.”
The Minister of State Security, the Honourable David Mahlobo, indicated recently in his budget speech that cybersecurity is a priority and the necessary legislative and regulatory frameworks are to be established in the course of this year to facilitate initiatives to establish and promote cybersecurity in South Africa. It is to be hoped that government begin to realise, there being little evidence of this to date save for political rhetoric, that the success of any cybersecurity program is dependent on establishing and maintaining appropriate public/private sector partnerships. The aim should be to equip every citizen with the tools and training to be a “cyber-warrior”. As Professor Basie von Solms has stressed repeatedly, neither the public nor private sector will succeed in combatting cyber-security without appropriate partnership and co-operation.
Whenever the proclamation of commencement is signed by the State President, for most processors of personal information much still has to be done to ensure that they will be able to comply with the Act. Even among our “blue chip” corporates my observation is that far too little has been done to date. Of course government, as the largest repository of personal information in our country, is also ill-prepared to comply with the Act. If the relevant leaders and Ministers are as serious about cybersecurity, and therefore privacy, as they have claimed, they will need to evidence this in purposeful leadership and action. If their claims are made for no other reason than political expedience, the job of the Regulator will be rendered infinitely more difficult and the rapid erosion of this constitutional right of privacy, so critical to our open democracy, will be accelerated.
We live in hope that the Regulator will be a resounding success. In light of the failures of so many of our institutions this will be wonderfully refreshing.
©Mark Heyink 2015 www.privacyonline.co.za