Protecting South African Employees' Special Personal Information Against Data Breaches
| dc.contributor.author | Mampa, Kgothatso Lesetja Simon | |
| dc.date.accessioned | 2025-01-16T10:50:14Z | |
| dc.date.available | 2025-01-16T10:50:14Z | |
| dc.date.issued | 2024 | |
| dc.description | A research report Submitted in partial fulfillment of the requirements for the degree of Master of Laws by Coursework and Research Report , School of laws, University of the Witwatersrand, Johannesburg 2024 | |
| dc.description.abstract | The widespread use of computers and acceleration of online activity have increased the importance of personal information in modern society. Processing personal information has become an indispensable part of daily life. The (mis)management of personal information in the employment context is particularly concerning because employers also process special personal information (SPI). This research report considers the legal treatment of processing SPI in the world of work in South Africa by identifying and evaluating those provisions of POPIA that could offer employees protection in the event of a data breach. Furthermore, the research examines the effectiveness of those provisions against predetermined criteria in order to establish whether the provisions provide direct employee protection, create an opportunity for the responsible independent authority, namely the Information Regulator (IR), to include protective conditions in respect of processing employee SPI; and whether the provisions eliminate or limit threats to breaches of employee SPI. Sheburi v Railway Safety Regulator is the only known POPIA related case and it is referenced to highlight the ease with which POPIA provisions can be misinterpreted in practice. The case also demonstrates the fallibility of the consent requirement and supports the argument that employees need reinforced protection against the ever-looming threat of data breaches. The key finding of this study is that POPIA was not specifically designed to render full protection to employees in the event of a data breach. However, some of the existing provisions in POPIA render some level of protection. The research concludes by suggesting possible ways to improve the legal protection of employee SPI and ultimately calls for specific regulation of employee SPI in the context of data breaches. | |
| dc.description.submitter | MM2025 | |
| dc.faculty | Faculty of Commerce, Law and Management | |
| dc.identifier.citation | Mampa, Kgothatso Lesetja Simon . (2024). Protecting South African Employees' Special Personal Information Against Data Breaches [Master’s dissertation, University of the Witwatersrand, Johannesburg].WireDSpace. | |
| dc.identifier.uri | https://hdl.handle.net/10539/43517 | |
| dc.language.iso | en | |
| dc.publisher | University of the Witwatersrand, Johannesburg | |
| dc.rights | © 2025 University of the Witwatersrand, Johannesburg. All rights reserved. The copyright in this work vests in the University of the Witwatersrand, Johannesburg. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of University of the Witwatersrand, Johannesburg. | |
| dc.rights.holder | University of the Witwatersrand, Johannesburg | |
| dc.school | School of Law | |
| dc.subject | Personal Inforomation | |
| dc.subject | POPIA | |
| dc.subject | Employees | |
| dc.subject | Data Breaches | |
| dc.subject | GDPR | |
| dc.subject | UCTD | |
| dc.subject.other | SDG-8: Decent work and economic growth | |
| dc.title | Protecting South African Employees' Special Personal Information Against Data Breaches | |
| dc.type | Dissertation |