4. Electronic Theses and Dissertations (ETDs) - Faculties submissions

Permanent URI for this communityhttps://hdl.handle.net/10539/37773

For queries relating to content and technical issues, please contact IR specialists via this email address : openscholarship.library@wits.ac.za, Tel: 011 717 4652 or 011 717 1954

Browse

Filters

2023 - 20243

Settings

Has files: YesSubject: search.filters.subject.Privacy

Search Results

Now showing 1 - 3 of 3
  • Thumbnail Image
    Item
    The WTO law consistency of the data localisation requirements in section 72 of POPIA
    (University of the Witwatersrand, Johannesburg, 2024) Thomas, Nkosinathi Benny; Sucker , Franziska; Ngulube,Mxolisi
    South Africa's Protection of Personal Information Act ('POPI'), officially promulgated on 1 July 2020, was enacted to legislatively ameliorate South Africans' constitutional rights to not have their privacy infringed. POPI generally establishes a mechanism to ensure that persons have a say in the collection, processing and storage of their personal information. This is done through a regulatory mechanism which prescribes the limits and compliance requirements for the aforementioned activities. As part of its suite of protections, POPI in section 72 thereof, prescribes limits and conditions for the cross-border transfer of personal information collected in South Africa. Section 72 of POPI is a conditional data localisation provision because it prescribes the circumstances under which personal information collected in South Africa may be transferred extraterritorially. On the assumption that unhindered flow of data is required for the enablement of digital trade, I ascertain whether section 72 of POPI is consistent with the laws of the World Trade Organisation. In particular, I ascertain whether section 72 of POPI is consistent with the relevant provisions in the General Agreement on Trade in Services ('GATS'). To the extent that section 72 of POPI is inconsistent with the relevant provisions in GATS, I conclude that section 72 of POPI is justified pursuant to the exceptions in GATS.
  • Thumbnail Image
    Item
    A Critical Inquiry into The Ethical Justification(s) For Decriminalising Cannabis Use In South Africa
    (University of the Witwatersrand, Johannesburg, 2024) Moolla, Sadiyyah; Attoe, Aribiah David
    The right to privacy, as contained in the Constitution of the Republic of South Africa, grants individuals the right to engage in certain activities, insofar as those activities are private, without infringement by individuals or the state. The said right is what was relied upon by the Constitutional Court in the decision to decriminalize Cannabis, for private use. However, there is a marked difference between that which is legal and that which is moral. In this thesis, I will grapple with the ethical justifications for the decriminalization of Cannabis. Using the Ubuntu ethical theory, I will show that there is in fact no ethical justification for impeding on a moral agent’s right to consume cannabis. I will begin by providing some arguments for and against the legalisation of cannabis use, showing their merits and their demerits. I will then provide an account of Ubuntu ethics and show how its tenets bear on the right to consume cannabis.
  • Thumbnail Image
    Item
    Adequacy of Data Protection Regulation in Kenya
    (University of the Witwatersrand, Johannesburg, 2023-10) Laibuta, Antony Mugambi; Zitzke, Emile
    Article 31 of the Kenyan Constitution provides for the right to privacy. The Kenyan Data Protection Act, 2019 gives effect to Article 31(c) and (d) of the Constitution. This study is about whether data protection regulation in Kenya would inspire any confidence in data subjects who enjoy protection of their right to privacy under Article 31 of the Constitution. Kenya, going with the global trend, in November 2019 enacted the Data Protection Act. Before the enactment, Kenya had debated data protection Bills for over a decade. But even with the enactment of the Data Protection Act, the question remains whether this was sufficient to guarantee the right to privacy and specifically data subject rights. The main aim of this study is to determine the adequacy of data protection regulation in Kenya by responding to five questions: How has data protection evolved in Kenya? What framework should be used to determine the adequacy of data protection regulations? To what extent is the legal framework on state surveillance adequate? To what extent is the legal framework on commercial use of personal data adequate? How adequate are the available remedies in relation to data protection in Kenya? To wit, no comprehensive academic discussion has explored the history of privacy and data protection in Kenya. This study fills this gap in the academic literature. It has established, through highlighting constitutional and statutory provisions, that the right to privacy in Kenya has been in existence since Kenya gained independence from colonial rule. Conversations during the clamour for constitutional reforms shaped the current text that provides for an individual right to privacy which has been the springboard for data protection rights to be introduced. There is no immediately obvious framework that would be ideal to determine the adequacy of data protection regulation in Kenya. In light of this gap, this study has presented a simple set of questions used in day-to-day legal practice to be used as the determination-of-adequacy framework. The questions, “who?”, “why?”, “what?”, “when?”, “where?”, and “how?” are iv posed on State surveillance, surveillance capitalism, and access to effective remedies. Responses to these questions are juxtaposed with provisions of the European Union’s General Data Protection Regulation and South Africa’s Protection of Personal Information Act. The responses reveal the level of adequacy of data protection regulation in Kenya. On adequacy in State surveillance, surveillance capitalism, and availability of effective remedies, the study has revealed that while there are provisions of the law that adequately regulate the three issues, there are gaps and ambiguities that must be addressed to raise the level of adequacy and inspire confidence in data subjects. For the gaps and ambiguities, this study recommends law reforms in the form of amendments to provisions of the Kenyan Data Protection Act, Data Protection (General) Regulations, Competition Act, National Intelligence Service Act, and the Data Protection ADR Framework. This study also recommends enactment of new law including an Artificial Intelligence Act, Data Protection (Statutory Database) Regulations, and Regulations on interception of communications under the Prevention of Terrorism Act and other enabling statutes.