Regulatory complexities await IT businesses in 2018
A plethora of laws will have an impact on IT businesses this year, but will struggle to keep up with the rapid pace of technology advances.
This is according to law firm Michalsons, which points out that every new year brings new challenges to comply with regulatory requirements.
Michalsons believes in 2018, data protection compliance will become a non-negotiable thanks to two laws: SA's Protection of Personal Information Act (POPIA) and Europe's General Data Protection Regulation (GDPR).
In SA, the Information Regulator will promulgate the POPIA regulations in the first half of the year and announce the POPIA commencement date, which is believed to be in the second half of 2018.
The law firm notes that organisations that must comply with POPIA will increase their efforts to comply so that they are ready by the end of the one-year grace period.
The GDPR is regulation that requires businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within member states. Non-compliance could cost companies dearly.
The deadline to comply with the GDPR is 25 May. According to Michalsons, some organisations have finished implementing the changes they need to make to comply, while others are just starting and some don't even yet know they have to comply.
It points out that many organisations will soon realise they fall within the jurisdictional scope of the GDPR and take steps to comply as quickly as possible.
Regulators will not fine controllers this year but some class actions by data subjects for civil damages will begin or be confidentially settled, it adds.
Simeon Tassev, MD of Galix Networking, comments that while POPIA compliance is unavoidable for organisations operating within or from SA, businesses need to weigh the costs and impacts of complying with GDPR unless it is necessary for business perpetuity, both immediate and in the future.
From a local perspective, he says, organisations should be addressing POPIA first. However, firms should still look at the overlaps and address those for both POPIA and GDPR simultaneously, ticking the necessary boxes for GDPR as they work through their POPI compliance, he adds.
Tassev points out that the remaining GDPR requirements can be met as and when the organisations determine to move into EU markets. "This will ensure the business saves money as well as time, directing their resource flow with more focus."
Europe will also enact the Privacy and Electronic Communications Regulations or ePrivacy Regulations, which, together with the GDPR, is the second column of data protection regulation in the EU.
Michalsons says this will set the tone for direct electronic marketing regulation throughout the world.
In SA, the law regards electronic communications will be updated. The proposed Electronic Communications Amendment Bill is part of the legislation required to implement the Department of Transport and Postal Services' contentious Information and Communication Technologies Policy White Paper.
Michalsons believes in 2018, technology will enable more efficient legal solutions. It explains that all kinds of technology - from chatbots, Web sites, artificial intelligence (AI), self-assessment tools, contract management tools, to automatic document assembly tools - will be used to provide legal services better and cheaper than ever before.
The law firm adds the distributed ledger of the blockchain will be used to build trust in key areas, such as identity verification, property ownership, and authenticating diamonds and artworks.
According to Michalsons, in 2018, laws to combat cyber or information security will be enacted. It points out the importance of cyber and information security is as great as ever and breaches, hacks and cyber crime will continue to increase.
"Laws will be enacted to try to combat cyber crime by making it easier to catch and prosecute criminals. In South Africa, the Cyber Crimes Bill will be enacted despite its many flaws, one of which is Internet censorship."
However, Michalsons notes the law will struggle to keep up with new technologies. The speed of advanced technology development is breathtaking, it notes, adding that things like robots, AI, augmented reality, neural networks, blockchain and the Internet of things will start to have a real impact.
"The law will continue to struggle to keep up, and people wishing to sell, implement and use these new technologies will have to think out of the box until the law catches up," it says.