SA’s info regulator is activating long dormant powers – ahead of a possible Facebook fight

South Africa’s Information Regulator is activating its power, under a 2013 law, to ban the processing of some kinds of personal information without prior permission.
The ban kicks in on 1 July, along with many other parts of the Protection of Personal Information Act (Popia).

But the process of turning it on started just weeks after the Information Regulator issued a stern warning to Facebook around its WhatsApp service.
The ban happens to cover exactly what the regulator feared: Facebook using personal information it previously gathered in new ways.

The effect is a ban on the processing of some types of personal information: from 1 July companies will be automatically prohibited from going ahead with covered processing endeavors until they get specific permission from the Information Regulator.

And one of the areas the ban covers is processing related to “any unique identifiers” – a telephone number for instance – “for a purpose other than the one for which the identifier was specifically intended at collection”.