PAIA regulates the constitutional right of ‘access to information’ held by public and private institutions, and stipulates conditions for how one may request access to this information.
“Everyone has the right of access to – (a) any information held by the state; and (b) any information that is held by another person and that is required for the exercise or protection of any rights.” Section 32(1) of South Africa’s Constitution.
PAIA Manual
Section 51 PAIA (which was profoundly amended by POPIA) requires all private companies to make a “Manual” available. This Manual essentially explains how people may request access to information held by companies. The exemption from this obligation expired on 31 December 2021. As of 1 January 2022, all public and private bodies must have their PAIA Manual available at their principal place of business, on their website, and to anyone who requests it.
PAIA versus POPIA
Access to information (PAIA) and protection of (personal) information (POPIA) are two opposite sides of the same coin. The former encourages transparency, openness and the free flow of data. The latter attempts to restrict that flow. The former is a founding principle in democratic societies where citizens need to be able to inform themselves. The latter is a founding principle of liberal societies where individuals autonomously control which information about them may be shared and used. Both rights may clash, and therefore need to be balanced with one another.
While there are some administrative and procedural requirements in terms of POPIA and PAIA, it is important to remember that these are not central to what they are trying to accomplish. What is central is their requirement to manage information respectful of the interests of data subjects and informed citizens.
How is PAIA different from POPIA?
1 / The information PAIA promotes the access to, is not necessarily “personal information” as defined in POPIA – it can be any information.
2 / In terms of POPIA as well as PAIA, a request to access “information” needs to demonstrate that this access is required to exercise or protect another right. It may seem bizarre that s25 POPIA refers to this condition in s53(2)(d) – after all, the right to access information about oneself is a right in itself, and does not need further justifications.
3 / A POPIA as well as a PAIA request to access information may or must be refused for a number of reasons, including the protection of third parties or confidential information (ss62 – 69 PAIA). Again, this reference in s23(4) POPIA may seem counterintuitive – how could a third party’s rights trump my personal right to have access to my personal information held by an institution?
This website uses cookies to collect information about how you engage with our website, to manage access to some of its restricted content and user accounts, and to make our online shop work. Continuing to use this website implies that you accept our Privacy Statement | Website Terms of Use | Cookie-Use Policy
Your privacy is important to us. This website uses cookies that are necessary for the management of your cookie consent, and non-necessary cookies that collect information about how you engage with our website, manage access to some of its restricted content and user accounts, and make our online shop work. Continuing to use this website implies that you accept our Privacy Statement | Website Terms of Use | Cookie-Use Policy
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-advertisement
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional
1 year
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_MM7N47F8ZT
2 years
This cookie is installed by Google Analytics.
_gat_gtag_UA_211894160_1
1 minute
Set by Google to distinguish users.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.