A very interesting decision of 𝐇𝐢𝐠𝐡 𝐂𝐨𝐮𝐫𝐭 𝐨𝐟 𝐒𝐨𝐮𝐭𝐡 𝐀𝐟𝐫𝐢𝐜𝐚 in Zulu Nyala Game Ranch v Beukes where 𝐚 𝐟𝐨𝐫𝐦𝐞𝐫 𝐞𝐦𝐩𝐥𝐨𝐲𝐞𝐞 𝐰𝐚𝐥𝐤𝐞𝐝 𝐨𝐟𝐟 𝐰𝐢𝐭𝐡 𝐚 𝐜𝐮𝐬𝐭𝐨𝐦𝐞𝐫 𝐥𝐢𝐬𝐭 𝐭𝐨 𝐛𝐞𝐧𝐞𝐟𝐢𝐭 𝐚 𝐜𝐨𝐦𝐩𝐞𝐭𝐢𝐭𝐨𝐫.
𝐁𝐲 𝐭𝐫𝐞𝐚𝐭𝐢𝐧𝐠 𝐭𝐡𝐞 𝐝𝐢𝐬𝐭𝐢𝐧𝐜𝐭𝐢𝐨𝐧 𝐛𝐞𝐭𝐰𝐞𝐞𝐧 “𝐩𝐞𝐫𝐬𝐨𝐧𝐚𝐥 𝐢𝐧𝐟𝐨𝐫𝐦𝐚𝐭𝐢𝐨𝐧” 𝐚𝐧𝐝 “𝐜𝐨𝐧𝐟𝐢𝐝𝐞𝐧𝐭𝐢𝐚𝐥 𝐢𝐧𝐟𝐨𝐫𝐦𝐚𝐭𝐢𝐨𝐧” 𝐚𝐬 𝐛𝐞𝐢𝐧𝐠 𝐨𝐟 𝐧𝐨 𝐬𝐢𝐠𝐧𝐢𝐟𝐢𝐜𝐚𝐧𝐜𝐞, 𝐭𝐡𝐞 𝐣𝐮𝐝𝐠𝐞 𝐞𝐟𝐟𝐞𝐜𝐭𝐢𝐯𝐞𝐥𝐲 𝐮𝐬𝐞𝐝 𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐨𝐟 𝐏𝐞𝐫𝐬𝐨𝐧𝐚𝐥 𝐈𝐧𝐟𝐨𝐫𝐦𝐚𝐭𝐢𝐨𝐧 𝐀𝐜𝐭 (𝐏𝐎𝐏𝐈𝐀) 𝐚𝐬 𝐚 𝐩𝐫𝐨𝐱𝐲 𝐟𝐨𝐫 𝐭𝐡𝐞 𝐜𝐨𝐦𝐦𝐨𝐧 𝐥𝐚𝐰.
This is a significant pivot because it allows a litigant to bypass the traditional heavy lifting of the 𝐬𝐩𝐫𝐢𝐧𝐠𝐛𝐨𝐚𝐫𝐝 𝐝𝐨𝐜𝐭𝐫𝐢𝐧𝐞. Instead of proving that a customer list is objectively secret and possesses independent economic value, an applicant can now simply point to the statutory label of personal information to secure an interdict. 𝐈𝐭 𝐢𝐬 𝐚 𝐰𝐢𝐧 𝐟𝐨𝐫 𝐞𝐦𝐩𝐥𝐨𝐲𝐞𝐫𝐬, 𝐛𝐮𝐭 𝐢𝐭 𝐜𝐫𝐞𝐚𝐭𝐞𝐬 𝐚 𝐥𝐞𝐠𝐚𝐥 𝐟𝐢𝐜𝐭𝐢𝐨𝐧 𝐰𝐡𝐞𝐫𝐞 𝐩𝐫𝐢𝐯𝐚𝐜𝐲 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 𝐢𝐬 𝐦𝐢𝐬𝐭𝐚𝐤𝐞𝐧𝐥𝐲 𝐞𝐪𝐮𝐚𝐭𝐞𝐝 𝐰𝐢𝐭𝐡 𝐩𝐫𝐨𝐩𝐫𝐢𝐞𝐭𝐚𝐫𝐲 𝐨𝐰𝐧𝐞𝐫𝐬𝐡𝐢𝐩.
𝐔𝐧𝐝𝐞𝐫 𝐈𝐧𝐝𝐢𝐚𝐧 𝐃𝐏𝐃𝐏𝐀, 𝐰𝐡𝐢𝐥𝐞 𝐒𝐞𝐜𝐭𝐢𝐨𝐧 𝟕 𝐨𝐟 𝐭𝐡𝐞 𝐃𝐏𝐃𝐏𝐀 𝐚𝐥𝐥𝐨𝐰𝐬 𝐟𝐨𝐫 𝐝𝐚𝐭𝐚 𝐩𝐫𝐨𝐜𝐞𝐬𝐬𝐢𝐧𝐠 𝐭𝐨 𝐩𝐫𝐨𝐭𝐞𝐜𝐭 𝐭𝐫𝐚𝐝𝐞 𝐬𝐞𝐜𝐫𝐞𝐭𝐬, 𝐢𝐭 𝐝𝐨𝐞𝐬 𝐧𝐨𝐭 𝐦𝐚𝐠𝐢𝐜𝐚𝐥𝐥𝐲 𝐭𝐫𝐚𝐧𝐬𝐟𝐨𝐫𝐦 𝐚𝐥𝐥 𝐩𝐞𝐫𝐬𝐨𝐧𝐚𝐥 𝐝𝐚𝐭𝐚 𝐢𝐧𝐭𝐨 𝐚 𝐩𝐫𝐨𝐭𝐞𝐜𝐭𝐚𝐛𝐥𝐞 𝐭𝐫𝐚𝐝𝐞 𝐬𝐞𝐜𝐫𝐞𝐭. The real insight here is that the DPDPA should be used to establish the duty of confidentiality proving that the 𝐝𝐚𝐭𝐚 𝐰𝐚𝐬 𝐬𝐮𝐛𝐣𝐞𝐜𝐭 𝐭𝐨 𝐬𝐭𝐫𝐢𝐜𝐭 𝐜𝐨𝐧𝐭𝐫𝐨𝐥𝐬 but the actual proprietary claim must still stand on its own feet under IP statutes.
𝐈𝐟 𝐰𝐞 𝐚𝐥𝐥𝐨𝐰 𝐭𝐡𝐞 𝐙𝐮𝐥𝐮 𝐍𝐲𝐚𝐥𝐚 𝐥𝐨𝐠𝐢𝐜 𝐭𝐨 𝐭𝐚𝐤𝐞 𝐫𝐨𝐨𝐭 𝐢𝐧 𝐈𝐧𝐝𝐢𝐚, 𝐰𝐞 𝐫𝐢𝐬𝐤 𝐚 𝐬𝐮𝐫𝐠𝐞 𝐨𝐟 𝐫𝐞𝐠𝐮𝐥𝐚𝐭𝐨𝐫𝐲 𝐜𝐫𝐞𝐞𝐩 𝐰𝐡𝐞𝐫𝐞 𝐞𝐯𝐞𝐫𝐲 𝐢𝐧𝐭𝐞𝐫𝐧𝐚𝐥 𝐝𝐚𝐭𝐚 𝐥𝐞𝐚𝐤 𝐢𝐬 𝐢𝐧𝐜𝐨𝐫𝐫𝐞𝐜𝐭𝐥𝐲 𝐥𝐢𝐭𝐢𝐠𝐚𝐭𝐞𝐝 𝐚𝐬 𝐚 𝐡𝐢𝐠𝐡 𝐬𝐭𝐚𝐤𝐞𝐬 𝐭𝐡𝐞𝐟𝐭 𝐨𝐟 𝐢𝐧𝐭𝐞𝐥𝐥𝐞𝐜𝐭𝐮𝐚𝐥 𝐩𝐫𝐨𝐩𝐞𝐫𝐭𝐲.
This blog is an academic initiative brought to you by the Data Privacy Pro team of AMLEGALS. Subscribe – Stay updated, Stay compliant.