sassa v minister of social development 2024-2025
sassa v minister of social development 2024-2025
In Black Sash Trust v Minister of Social Development, the Constitutional Court agreed with the Information Regulator that data subjects own their personal information and that a responsible party cannot transfer the data subject’s personal information to another party. The Court ruled that the South African Social Security Agency (SASSA) must only use personal information to process monthly social grant payments to its beneficiaries. The Court ordered that the contract between SASSA and Cash Paymaster Services (CPS) must contain safeguards to protect grant beneficiaries’ personal information.
Who should care about this judgment and why?
- Parties in charge, whether public or private, must use personal information only for a specific purpose and responsibly.
- Operators process on behalf of a responsible party because you can only process for a specific purpose and with permission from a responsible party.
- SASSA on the grounds that they should just utilize award recipients’ very own information to handle month-to-month friendly award installments.
- Anyone entering into a data processing agreement (DPA) due to the judge’s definition of what must be included in a DPA between a controller and a responsible party.
- Beneficiaries of social grants need to know that they own their personal information and that others are obligated to safeguard it from misuse.
What could you do about it?
- Read this post by Michalsons for more information about the information regulator.
Read the entire ruling to get the full picture.
Read the Constitutional Court’s explanation for a summary of the ruling.
Joining a Michalsons program will give you access to all decisions pertaining to data protection.
Our insights on the judgment
- The regulator’s main concern in this situation is the security of the personal information of recipients of social grants. The regulator objected to only one part of Black Sash’s application, which was described in the Notice of Motion. In the Notice of Motion, Black Sash asked the court to rule that POPIA’s principles in paragraphs 5(b) and 11 were violated by the transfer of award beneficiaries’ personal information into SASSA’s hands (b). Although POPIA has not yet started, it was clear from the application documents that the Court had adopted the regulator’s definitions of “personal information” and “data subject”
- The court agreed with the controller that Dark Band’s request for declaring award recipients’ individual data SASSA property was flawed. The fact that the paragraphs were removed from Black Sash’s final application papers supports the notion that individuals own their personal information and that a responsible party cannot transfer it to another party.
- The Court agreed with the regulator’s strategic goal of removing barriers to data protection and information access. In addition, it lays the groundwork for individuals who provide data to challenge any business that fails to protect their personal information.
- When they process personal information, they can only use it for one purpose. They are required to remain in their lane when processing personal information. They are also forbidden from giving anyone else access to any of their personal information.
Digest
- The ability of SASSA to pay grant recipients across the country in a legal manner is the primary focus of this decision. CPS was contracted by SASSA to handle the monthly payment process for social grants.
- In the interest of the public, Black Sash approached the Constitutional Court and requested that the court rule that any contract between SASSA and CPS must stipulate that SASSA will own the personal information of grant recipients.
- The Regulator opposed Black Sash’s request on the grounds that there was no legal basis to assign SASSA ownership of social grant recipients’ personal information. As a result, the Court decided that recipients of social grants own their personal information.
Order
The Court instructed SASSA to ensure that the CPS contract:
- outlines steps to ensure that CPS will only use personal information to make grant payments; includes necessary protections to ensure that personal data received during the payment process stays private;
- prohibits anybody from requesting “opt-in” from beneficiaries to divulge private information in order to promote goods and services.
Details of Black Sash Trust v Minister of Social Development
- Universal citation: [2018] ZACC 36
- Also reported in 2017 (3) SA 335 (CC); 2018 (12) BCLR 1472 (CC)
- Full name: Black Sash Trust v Minister of Social Development And Others (Freedom Under Law Intervening)
If it’s not too much trouble, note: While this decision addresses a number of constitutional issues, our analysis focuses on the Court’s treatment of privacy and data protection issues. This judgment’s summary is written specifically for Michalsons Data Protection program members and is not intended for general readers.
Related Links
sassa 2024 increase
sassa and uif
who are sassa beneficiaries
sassa where to draw money
are sassa offices open tomorrow
sasa yoga
where does sassa money come from
sassa 450
who qualifies sassa pension
how apply for sassa
is sassa offline today 2024
what date is sassa
sassa quotations
who gets sassa grants
sassa act 9 of 2004
nearest sassa office in centurion
For more info, click here