The right to privacy is enshrined in section 14 of the Bill of Rights in the Constitution. Information privacy as it relates to the protection of data subjects' personal information has become an issue of foundational concern in recent years, mainly because of the upsurge in the use of information technology (IT) and associated impacts arising from the speed and scale at which personal information can be transmitted and shared. Access to data subjects' personal information enables responsible parties to, amongst other things, profile data subjects' personal interests and attitudes, as well as their behaviour and/or buying patterns. Personal information has thus become a tradeable commodity (Jordaan, 2015). The processing (collection, storage, use, dissemination and destruction) of such personal information can sometimes have detrimental effects on data subjects if not processed lawfully (Pinto, 2018). This is particularly the case as personal information such as telephone numbers, race, creditworthiness, criminal records, and health status of data subjects can be held by various responsible parties such as employers, banks, credit bureaux, and insurance companies. Given the broad number of organisations processing data subjects' personal information, it becomes essential for governments to enact legislation that establishes data protection authorities (DPAs) and gives them powers to enforce the law which regulates the protection of data subjects' information.
Human Sciences Research Council (Fri,) studied this question.