The Promotion of Access to Information Act, 2000

Enforced by the Information Regulator

PAIA regulates the constitutional right of ‘access to information’ held by public and private institutions, and stipulates conditions for how one may request access to this information.

1. “Everyone has the right of access to – (a) any information held by the state; and (b) any information that is held by another person and that is required for the exercise or protection of any rights.” Section 32(1) of South Africa’s Constitution.

PAIA versus POPIA
Access to information (PAIA) and protection of (personal) information (POPIA) are two opposite sides of the same coin. The former encourages transparency, openness and the free flow of data. The latter attempts to restrict that flow. The former is a founding principle in democratic societies where citizens need to be able to inform themselves. The latter is a founding principle of liberal societies where individuals autonomously control which information about them may be shared and used. Both rights may clash, and therefore need to be balanced with one another.

How is PAIA different from POPIA?

1. 1 / The information PAIA promotes the access to, is not necessarily “personal information” as defined in POPIA – it can be any information.
2. 2 / In terms of POPIA as well as PAIA, a request to access “information” needs to demonstrate that this access is required to exercise or protect another right. It may seem bizarre that s25 POPIA refers to this condition in s53(2)(d) – after all, the right to access information about oneself is a right in itself, and does not need further justifications.
3. 3 / A POPIA as well as a PAIA request to access information may or must be refused for a number of reasons, including the protection of third parties or confidential information (ss62 – 69 PAIA). Again, this reference in s23(4) POPIA may seem counterintuitive – how could a third party’s rights trump my personal right to have access to my personal information held by an institution?