General Data Protection Regulation (GDPR) in Africa: So What?
In May 2018, the European Commission's (EU) General Data Protection Regulation (GDPR) went into effect.
The GDPR is a data privacy and protection framework aimed at improving Europe's data privacy laws, and which could be described as a first cousin to South Africa's POPIA, the Protection of Personal Information Act 4 of 2013. POPIA, while currently only partially implemented, will apply to all businesses and organizations in South Africa, which by virtue of their interactions with South African consumers, collect and process their personal information.
While POPIA's provisions only apply to businesses that are registered and incorporated within the borders of South Africa, the GDPR is applicable to every organization on the African continent that processes the personal data or monitors the online activities of EU citizens.