Whilst there is legislation allowing you to obtain information you need to enforce your rights, there is legislation in the pipeline to protect personal information. When you fill in a form at the bank or a government department, or you give out your personal details telephonically to a service provider,
you may expect that those details be kept confidential.
The Constitution provides that everyone has the right to privacy, including protection against unlawful collection, retention and dissemination of personal information and the State must protect and promote those rights.

The Protection of Personal Information Act of 2013 (called the “POPI Act”) will only become fully effective early next year. What has become effective are the provisions regarding the Office of the Information Regulator, which will be responsible for enforcing the Act.

Examples of personal information for an individual may include:

- Identity Number   - Marital status

- Date of birth and age   - Photos, video footage, biometric data

- Contact numbers   - Religious beliefs

- Email address    - Employment history and salary information

- Residential address   -  Physical and mental health information

- Gender, race and ethnic origin  - Financial information  
Business owners and the corporate world need to ensure that their policies and procedures are in place and staff is properly trained to ensure compliance to the POPI Act. Corporate entities are at risk (with fines up to R10 million or 10 years in jail!) having regard to the prevalence of cybercrime and the possibility of those whose employment is coming to an end stealing corporate data.
Should you discover that your personal information has been illegally disseminated, you may call or contact the Office of the Information Regulator