data breach: Rights and litigation
legal computer judge concept, cyber gavel with clipping path ,3D illustration

Strict liability!?

Yip. Strict liability applies to a responsible party in cases of a data breach in terms of Section 99 (1) of POPIA. This means a responsible party is held liable for data breaches regardless their intent or negligence: 

Five possible defences are created by Section 99:    

  1. (1)  Vis major(2)  consent of the plaintiff; (3) fault on the part of the plaintiff; (4)  compliance was not reasonably practicable in the circumstances of the particular case; or (5  the Regulator has granted an exemption in terms of section 37. 

At first glance it seems that responsible parties have drawn the short straw. However the defence of "compliance was not reasonably practicable in the circumstances of the particular case" and "Vis major" should bring relief in context to responsible parties who applied the necessary due diligence in safeguarding a data subjects information.

identity crises: A Two edged sword 

It is very tempting to shout a big hooray at the thought that big industry is accountable in accordance to the principals of strict liability, however, most data subjects are also responsible parties. 

Strict liability inevitably  puts a majority of institutions and business at great risk of difficult and costly civil litigation, regardless the sophistication of a cyber attack that resulted in a data breach.  

Legal risk mitigation is accentual in preparation of possible data breaches. This is a legal and not a technological solution. Cyber forensics and cyberlaw needs to be applied in conjunction with each other to fully mitigate and prevent civil litigation. GP Bouwer attorneys posses these skill sets.

GP Bouwer attorneys can further assist our clients in defending unwarranted litigation by the regulator or data subjects. 

Learn More
Online Privacy Security Threat Abstract Background Art
Artificial Intelligence Systems and Autonomous System Industry

information security 

Information security is a basic digital human right. The reason is simply that information security relates to our personal information and physical and financial well being. 

Most if not all our information is stored in cyberspace. Our whole identity is manifested digitally, from our social behaviour to our financial details. Simply put our lives are as connected to cyberspace as it is to real life. 

Information security is therefore paramount for our mental, financial and physical well being.  
GP Bouwer attorneys will assist our clients in their need for information security albeit through litigation or risk mitigation.  

 Consultation