The Information Regulator has imposed its first ever fine for noncompliance with the Protection of Personal Information Act (Popia).
R5 million fine has been levied against the Department of Justice and Constitutional Development (DoJ) for not having appropriate security measures to protect the personal information it holds.
In 2021, the department suffered a cyber-attack that resulted in the loss of more than 1 200 files, with encryption of internal documents and personal information being compromised.
This forced the court recording systems offline, which led to postponements at lower courts.
Chairperson of the Information Regulator, Adv Pansy Tlakula explains: “In terms of our law, failure to comply with enforcement notice amounts to a criminal offence that can lead to an administrative fine of up to R10 million being paid.”
“So that is what we did, we issued an infringement notice in which we then asked them to pay a fine of R5 million which is not the highest and they must do that within 30 days of the infringement notice which we issued,” adds Tlakula.
The audio file below is reporting more on the story:
