SciELO - Scientific Electronic Library Online

 
vol.19 número1Parallel planning mechanisms as a "recipe for disaster" índice de autoresíndice de materiabúsqueda de artículos		Home Pagelista alfabética de revistas  

Servicios Personalizados

Articulo

Indicadores

Links relacionados

  • En proceso de indezaciónCitado por Google
  • En proceso de indezaciónSimilares en Google

Compartir

Potchefstroom Electronic Law Journal (PELJ)

versión On-line ISSN 1727-3781

Resumen

MILLARD, Daleen  y  BASCERANO, Eugene Gustav. Employers' statutory vicarious liability in terms of the Protection of Personal Information Act. PER [online]. 2016, vol.19, n.1, pp.1-38. ISSN 1727-3781.  http://dx.doi.org/10.17159/1727-3781/2016/v19i0a555.

A person whose privacy has been infringed upon through the unlawful, culpable processing of his or her personal information can sue the infringer's employer based on vicarious liability or institute action based on the Protection of Personal Information Act 4 of 2013 (POPI). Section 99(1) of POPI provides a person (a "data subject") whose privacy has been infringed upon with the right to institute a civil action against the responsible party. POPI defines the responsible party as the person who determines the purpose of and means for the processing of the personal information of data subjects. Although POPI does not equate a responsible party to an employer, the term "responsible party" is undoubtedly a synonym for "employer" in this context. By holding an employer accountable for its employees' unlawful processing of a data subject's personal information, POPI creates a form of statutory vicarious liability. Since the defences available to an employer at common law and developed by case law differ from the statutory defences available to an employer in terms of POPI, it is necessary to compare the impact this new statute has on employers. From a risk perspective, employers must be aware of the serious implications of POPI. The question that arises is whether the Act perhaps takes matters too far. This article takes a critical look at the statutory defences available to an employer in vindication of a vicarious liability action brought by a data subject in terms of section 99(1) of POPI. It compares the defences found in section 99(2) of POPI and the common-law defences available to an employer fending off a delictual claim founded on the doctrine of vicarious liability. To support the argument that the statutory vicarious liability created by POPI is too harsh, the defences contained in section 99(2) of POPI are further analogised with those available to an employer in terms of section 60(4) of the Employment Equity Act 55 of 1998 (EEA) and other comparable foreign data protection statutes.

Palabras clave : Vicarious liability; Protection of Personal Information Act; defences; comparison with Employment Equity Act; United Kingdom's Data Protection Act of 1998; New Zealand's Privacy Act 28 of 1993; Australian Privacy Act 119 of 1988.

        · texto en Inglés     · Inglés ( pdf )

 

Creative Commons License Todo el contenido de esta revista, excepto dónde está identificado, está bajo una Licencia Creative Commons

Potchefstroom Electronic Law Journal
Faculty of Law, Private Bag X6001, North-West University,
Potchefstroom, North-West Province, ZA, 2520,
Tel: +27 18 299 1921