INFORMATION MANAGEMENT 1A

The impact of information

in an electronic information society

Unit 9
Information Acts

Information Management 1A (ILK1A) 1

 OVERVIEW

• DEFINE THE VARIOUS INFORMAITON ACTS

(POPI, PAIA, RICA & FICA)
• PURPOSE OF THE ACTS
• COMPONENTS OF THE ACTS
• Q&A

Information Management 1A (ILK1A) 2

 INTRODUCTION
• It is very easy for the beginners to (IA) to be confused by
the very wide spectrum of definitions.

• Very few people understand the purpose and functions of

the Information Acts.

• These information acts are incorporated into governmental

legislation.

Information Management 1A (ILK1A) 3

 RICA
Regulation of interception of
communication related
information act
“Every time communications are monitored and thereafter
intercepted there is a potential infringement of the
Constitutional right to privacy. RICA deals with the protection
of that right and the circumstances under which the right is
limited and the infringement permitted. RICA does not prevent
an employer from monitoring its employees, but such monitoring
must comply with RICA
― Michalsons 2016

Information Management 1A (ILK1A) 4

 “RICA is the piece of legislation in South Africa that governs the
interception or monitoring of communications”― Michalsons
2016

The aim of this legislation is to help law enforcement agencies to

identify communication device users and track criminals using
communication devices for illegal activities.

RICA signed into law in the 2002 in South Africa

Information Management 1A (ILK1A) 5

 • RICA states that no person – who is not a party to the
communication, who does not have prior written consent or is not
acting in the course of business – may intentionally intercept,
attempt to intercept, authorize or procure any other person to
intercept or attempt to intercept at any place in the Republic
any communication in the course of its occurrence or
transmission.

Information Management 1A (ILK1A) 6

 The Constitutional Court found that provisions of RICA were
unconstitutional and did not fully comply with the rights to
privacy, freedom of expression, legal privilege and the rights of
access to courts.
On 4 February 2020 the Constitutional Court handed down a
judgment declaring a decision made by the High Court of
Gauteng North to be correct. In the matter of Amabhungane
Centre for Investigative Journalism NPC and Another v Minister of
Justice and Correctional Services and Others; Minister of Police v
Amabhungane Centre for Investigative Journalism NPC and
Others CCT278/19 & CCT279/19, the Constitutional Court found
that provisions of the Regulation and of Interception of
Communications and Provision of Communication Related
Information Act 70 of 2002 (“RICA”) were unconstitutional on
the basis that they failed to fully comply with the rights to
privacy, freedom of expression, legal privilege and the rights of
access to courts

Information Management 1A (ILK1A) 7

 1.The Constitutional Court agreed with the High Court decisions
with the following reasoning in respect of the
unconstitutionality of RICA:
On the issue of notification, the Constitutional Court found that
RICA ought to give individuals notification after they were
subjected to surveillance. RICA continued to conduct
surveillance on members of the public without giving them post
notification. This action denied members of the public a chance
to seek legal redress as their right to privacy had been
infringed.
On the issue of independence, the Constitutional Court made
the following finding: In terms of RICA, the Minister of Justice
had the right to appoint a judge to decide on whether
surveillance may take place. RICA did not state the designated
judge's term of office and thereby allowed for unfettered
discretion in the hands of the Minister that did not consider the
views of independent regulators. This was declared
unconstitutional as such decisions ought to be managed and
transparent.

Information Management 1A (ILK1A) 8

 3. On the issue of RICA obtaining permission to conduct surveillance on
an ex parte basis, the Constitutional Court made the finding that such was
unconstitutional. This is because RICA lacks safeguards when exercising
this power. The Constitutional Court declared that Parliament ought to
revise these measures.
4. On the issue of management of information, the Constitutional Court
decided the following: The court found that information that has been
intercepted was subject to no regulations as to how such information was
stored and destroyed, which is a very invasive infringement of privacy.
RICA allows the Interception Centres an unbound freedom to
management the information. The Constitutional Court found RICA to be
unconstitutional in this regard.
5. On the issue of information intercepted from journalists and legal
practitioners, the Constitutional Court made the following finding: Legal
Practitioner's information ought to be protected by legal professional
privilege as such goes hand in hand with the right to a fair trial and fair
hearing. Journalists sources ought to be protected by the right to freedom
of expression. RICA had thus breached these confidentiality rights and
was declared unconstitutional.
Information Management 1A (ILK1A) 9
 FICA
Financial intelligence center act

The purpose of FICA is to combat money laundering activities by,

among other things, establishing a Financial Intelligence Centre
and imposing certain duties on institutions and other persons
that might be used for money laundering purposes― Momentum
(2013).
Signed into law 2001

Information Management 1A (ILK1A) 10

• When conducting a transaction, users are
required to send identifying documents that
are applicable in order to assist in complying
with the law. A swift response when
requested for this documentation will make
sure that there are no delays in dealing with
the transaction.

Information Management 1A (ILK1A) 11

 POPI Act
Protection of Personal
Information act
• “…the purpose of the PoPI Act is to ensure
that all South African institutions conduct
themselves in a responsible manner when
collecting, processing, storing and sharing
another entity's personal information by
holding them accountable should they abuse
or compromise your personal information in
any way”. Workpool, (2016).
Information Management 1A (ILK1A) 12
 Examples include
• Identity and/or passport number
• Date of birth and age
• Phone number/s (including mobile phone number)
• Email address/es
• Online/Instant messaging identifiers
• Physical address
• Gender, Race and Ethnic origin
• Photos, voice recordings, video footage (also CCTV), biometric data
• Marital/Relationship status and Family relations
• Criminal record

Information Management 1A (ILK1A) 13

• Private correspondence
• Religious or philosophical beliefs including personal and
political opinions
• Employment history and salary information
• Financial information
• Education information
• Physical and mental health information including medical
history, blood type, details on your sex life
• Membership to organisations/unions

Information Management 1A (ILK1A) 14

• when and how you choose to share your information
(requires your consent)
• the type and extent of information you choose to
share (must be collected for valid reasons)
• transparency and accountability on how your data
will be used (limited to the purpose)
and notification if/when the data is compromised
• providing you with access to your own information
as well as the right to have your
data removed and/or destroyed should you so wish

Information Management 1A (ILK1A) 15

• who has access to your information, i.e. there must be
adequate measures and controls in place to track access and
prevent unauthorised people, even within the same company,
from accessing your information
• how and where your information is stored (there must be
adequate measures and controls in place to safeguard your
information to protect it from theft, or being compromised)
• the integrity and continued accuracy of your information
(i.e. your information must be captured correctly and once
collected, the institution is responsible to maintain it

Information Management 1A (ILK1A) 16

• It is the responsibility of each person and
each organization to protect their own
information.
• The PoPI Act cannot protect you if you do not
take measures to protect yourself
• It is also the organisations responsibility to
protect other parties personal information.
• Signed into law 2013

Information Management 1A (ILK1A) 17

 PAIA Act
Promotion of Access to
Information Act
• To promote transparency, accountability and effective governance of all public
and private bodies, by empowering and educating everyone to understand their
rights in terms of PAIA so that they are able to exercise their right in
relation to public and private bodies, to understand the functions and
operation of national spheres/public bodies, and to
• Effectively scrutinize, and participate in decision making by public bodies that
affects their rights.
• To ensure that the state takes part in promoting a human rights culture and
social justice.
• To encourage openness and to establish voluntary and mandatory mechanisms
or procedures which give effect to the right of access to information in a
speedy, inexpensive and effortless manner as reasonable possible.
(Department of the premier, 2012)

Information Management 1A (ILK1A) 18

Public body may not refuse a request for
access to information on the following grounds:
•Individual consent has been given
•Individual is informed by the public body, this
information might already be public information
•Already public information
•Individuals physical/mental health, well being, who is
under the care of the requestor, under the age of 18.
Written consent from the next of Kin
•Where disclosure would reveal a serious public
safety or environmental risk
Information Management 1A (ILK1A) 19
• Deceased individuals information and the requestor
is the next of kin.
• About an individual who is or was an official of a
private body, and the information relates to the
position or functions of the individual.

Information Management 1A (ILK1A) 20

Public body must refuse request to
information on the following grounds:
•If the disclosure would involve unreasonable
disclosure of personal information about third party
including deceased individual.
•To a record of South African Revenue Services
(SARS), unless the information consists of
information about the requestor.
•Trade secrets
•Financial, commercial, scientific or technical
information about trade secrets
Information Management 1A (ILK1A) 21
• If the disclosure would constitute a breach of a
duty of confidence.
• If record consists of information supplied in
confidence.
• If disclosure would endanger the life or physical
safety of an individual
• If disclosure would likely prejudice or impair:
Security of building, structure or systems
(computer, communication, transport or any
property).
• If disclosure would impair procedure of protection
of : Witness protection, safety of public,
Information Management 1A (ILK1A) 22
• Defence/Safety/ Internal relations of the Republic
• Signed into law 2000

Information Management 1A (ILK1A) 23

 CONCLUSION
•DEFINE INFORMATION ACTS
•IA COMPONENTS
•POPI
•PAIA
•RICA
•FICA

Information Management 1A (ILK1A) 24

 Q&A

Information Management 1A (ILK1A) 25