Policy Brief No 2
South Africa’s Data Sovereignty Regulations: Merits and Possible Limitations
Emmanuel Matambo and Edmund Terem Ugar
In July 2021, South Africa took proactive measures to ensure data sovereignty by enforcing the 2013 Protection of Personal Information Act (POPIA). In line with the measures for personal data protection, the South African government published the National Cloud and Data Policy in April 2021 as a further step toward achieving data sovereignty. However, there are still lacunas that need to be rectified in policies such as the POPIA to ensure maximum protection of private data, as well as achieve robust data sovereignty in the country.
The first section discusses the importance of data in the current social milieu, and starts by explaining what big data means. Next, the paper shows why there is a need for data sovereignty in South Africa. Following this, it engages with South Africa’s measures to enforce data laws, such as the POPIA. It then discusses the limitations of the POPIA document. Recommendations based on the identified limitations follow, as well as a conclusion.