SOUTH AFRICA: FIRST CODES OF CONDUCT ISSUED BY THE INFORMATION REGULATOR UNDER POPIA
The first two codes of conduct to be approved by the Information Regulator under the Protection of Personal Information Act, 2013 (POPIA) have now been issued.
In terms of a notice published in the Government Gazette on 7 October 2022, the Information Regulator has approved and issued a Code of Conduct for the Banking Sector (Banking Code) in accordance with section 62(1) of POPIA. The issuing of the Banking Code follows the receipt by the Regulator of a draft code (June 2022 Banking Code) that had been submitted to it by the Banking Association of South Africa (BASA).
In terms of section 61(2) of POPIA, the Information Regulator was required to afford affected persons an opportunity to comment on the June 2022 Banking Code and consider all submissions it received before making a decision on the issuing of the final code.
The Regulator has now considered the June 2022 Banking Code and confirmed that BASA’s application has been successful. The Banking Code has accordingly been issued and will come into force on the 28th day after the date of the notice in the Government Gazette. This means that the Code will become operative as from 4 November 2022.
Members of our Data Protection Group have prepared a summary of the provisions of the Banking Code in the form of a comparison table. The table compares the provisions of the June 2022 Banking Code with the final issued Banking Code and the provisions of POPIA, so that one can easily see the most recent additions that have been made and how the provisions of the Banking Code compare with the relevant provisions in POPIA. Click here to access the summary.
The Information Regulator has simultaneously approved a Code of Conduct for Credit Bureau, submitted by the Credit Bureau Association, after following the same consideration process as described above.
A copy of both codes can be found on the Information Regulator’s website here.