On 2 May 2023, the Information Regulator (“the Regulator”) published a Media Statement notifying Information Officers of public and private bodies of the requirement to submit reports, by 30 June 2023, regarding access to information requests made in terms of the Promotion of Access to Information Act, 2000 (“PAIA”). 

Ensuring PAIA compliance in the private sector

Section 83(4) of PAIA empowers the Regulator to make requests to private bodies to submit information about requests for access to records of the private body for purposes of the Regulator’s annual report to the National Assembly set out in section 84 of PAIA.

In the past, only information officers of public bodies were obliged to submit PAIA reports to the Regulator in accordance with section 32 of PAIA. The reporting requirement has now been extended to private bodies in terms of section 83(4) of PAIA.

The Regulator has stated in its Media Statement that it is using its powers under PAIA to analyse whether public and private bodies are receiving and recording requests for information adequately.

Online PAIA reporting process 

All private bodies must sign up and have their Information Officers registered with the Regulator via the registration portal before a PAIA report can be submitted. Once the registration process is complete, the private body may submit its PAIA report online between 1 May 2023 and 30 June 2023.

The PAIA reports are to be submitted via an online form using the Regulator’s online portal here.

The report requires private and public bodies to disclose information relating to their handling and experience of PAIA requests, including information such as:

  • the number of PAIA requests received;
  • the number of PAIA requests granted (both in full and in part) and rejected;
  • the number of internal appeals lodged and the outcomes of such appeals; and
  • the number of court applications that were lodged on the grounds that an internal appeal was dismissed.

Please reach out to Clyde & Co’s Cyber and Regulatory teams should you require any support with the submission of your organisation’s PAIA report or compliance with South Africa’s data privacy laws.