Act 125 of 1995 on the National Security Services - Legislationline
Act 125 of 1995 on the National Security Services - Legislationline
Act 125 of 1995 on the National Security Services - Legislationline
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Article 45<br />
Pursuant to internati<strong>on</strong>al commitments, <strong>the</strong> Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> may forward pers<strong>on</strong>al<br />
data to foreign data managers within <strong>the</strong> limits <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong> legal regulati<strong>on</strong>s applying to <strong>the</strong> protecti<strong>on</strong><br />
<str<strong>on</strong>g>of</str<strong>on</strong>g> pers<strong>on</strong>al data.<br />
Article 46<br />
The Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> shall keep records <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong> forwarding <str<strong>on</strong>g>of</str<strong>on</strong>g> pers<strong>on</strong>al data, which<br />
shall include<br />
a) <strong>the</strong> data disclosure request;<br />
b) <strong>the</strong> register identifier <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong> party requesting <strong>the</strong> data;<br />
c) <strong>the</strong> time <str<strong>on</strong>g>of</str<strong>on</strong>g> data forwarding;<br />
d) <strong>the</strong> duplicate copy <str<strong>on</strong>g>of</str<strong>on</strong>g> papers and o<strong>the</strong>r documents <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong> data disclosure.<br />
Article 47<br />
(1) The Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> may interc<strong>on</strong>nect <strong>the</strong>ir data management systems or c<strong>on</strong>nect<br />
<strong>the</strong>m to those <str<strong>on</strong>g>of</str<strong>on</strong>g> o<strong>the</strong>r government data management agencies to fulfil specific tasks, provided<br />
that <strong>the</strong> c<strong>on</strong>diti<strong>on</strong>s <str<strong>on</strong>g>of</str<strong>on</strong>g> data protecti<strong>on</strong> and data security are ensured at <strong>the</strong> o<strong>the</strong>r data manager as<br />
well.<br />
(2) The c<strong>on</strong>necti<strong>on</strong> shall be terminated after <strong>the</strong> completi<strong>on</strong> <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong> specific nati<strong>on</strong>al security task<br />
and <strong>the</strong> data file created during <strong>the</strong> c<strong>on</strong>necti<strong>on</strong> shall be deleted after <strong>the</strong> terminati<strong>on</strong> <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong><br />
process.<br />
Article 48<br />
(1) In <strong>the</strong> interest <str<strong>on</strong>g>of</str<strong>on</strong>g> nati<strong>on</strong>al security or to protect <strong>the</strong> rights <str<strong>on</strong>g>of</str<strong>on</strong>g> o<strong>the</strong>rs, <strong>the</strong> general director <str<strong>on</strong>g>of</str<strong>on</strong>g><br />
<strong>the</strong> nati<strong>on</strong>al security service may refuse <strong>the</strong> request <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong> party c<strong>on</strong>cerned to disclose data<br />
managed by <strong>the</strong> Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> or included in <strong>the</strong> data forwarding records indicated<br />
in Article 46; or to delete his/her pers<strong>on</strong>al data or to learn data <str<strong>on</strong>g>of</str<strong>on</strong>g> public interest managed by <strong>the</strong><br />
Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong>.<br />
(2) The Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> shall keep records <str<strong>on</strong>g>of</str<strong>on</strong>g> requests received from parties<br />
c<strong>on</strong>cerned, and <strong>the</strong>y shall inform <strong>the</strong> data protecti<strong>on</strong> commissi<strong>on</strong>er <str<strong>on</strong>g>of</str<strong>on</strong>g> such requests, <strong>the</strong> manner<br />
<str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong>ir evaluati<strong>on</strong> and reas<strong>on</strong>s for refusal <strong>on</strong> an annual basis.<br />
(3) In <strong>the</strong> interest <str<strong>on</strong>g>of</str<strong>on</strong>g> nati<strong>on</strong>al security, <strong>the</strong> general director may restrict <strong>the</strong> data inspecti<strong>on</strong> right<br />
<str<strong>on</strong>g>of</str<strong>on</strong>g> pers<strong>on</strong>s c<strong>on</strong>cerned, provided for in Paragraph (3), Article 11 <str<strong>on</strong>g>of</str<strong>on</strong>g> <str<strong>on</strong>g>Act</str<strong>on</strong>g> LXV <str<strong>on</strong>g>of</str<strong>on</strong>g> <str<strong>on</strong>g>1995</str<strong>on</strong>g> <strong>on</strong> State and<br />
service secrets, with respect to Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> data classified as service secret.<br />
Article 49<br />
(1) The general directors shall provide for preventing unauthorised access to, and<br />
communicati<strong>on</strong>, alterati<strong>on</strong>, deleti<strong>on</strong> or destructi<strong>on</strong> <str<strong>on</strong>g>of</str<strong>on</strong>g>, data, and for protecti<strong>on</strong> against illegal<br />
access (data security).<br />
(2) The Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> shall regularly c<strong>on</strong>trol <strong>the</strong> correctness <str<strong>on</strong>g>of</str<strong>on</strong>g> pers<strong>on</strong>al data<br />
managed by <strong>the</strong>m. Data that does not corresp<strong>on</strong>d to <strong>the</strong> facts shall be corrected, and data based <strong>on</strong><br />
facts shall be distinguished from those based <strong>on</strong> deducti<strong>on</strong>, opini<strong>on</strong> or estimati<strong>on</strong> in <strong>the</strong> data<br />
management process.<br />
(3) The Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> shall treat data associated with <strong>the</strong>ir regulatory powers<br />
separately from o<strong>the</strong>r data.<br />
Article 50<br />
(1) In order to fulfil <strong>the</strong> duties set out this <str<strong>on</strong>g>Act</str<strong>on</strong>g>, <strong>the</strong> Nati<strong>on</strong>al <strong>Security</strong> <strong>Services</strong> may take over<br />
from <strong>the</strong> records <str<strong>on</strong>g>of</str<strong>on</strong>g> o<strong>the</strong>r agencies authorised to manage data and manage <strong>the</strong> following:<br />
a) data <str<strong>on</strong>g>of</str<strong>on</strong>g> safety certificates, for 10 years starting from <strong>the</strong> end <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong>ir term <str<strong>on</strong>g>of</str<strong>on</strong>g> validity;<br />
b) documents issued during <strong>the</strong> supervisi<strong>on</strong> and management <str<strong>on</strong>g>of</str<strong>on</strong>g> encrypti<strong>on</strong> activity, for 10<br />
years starting from <strong>the</strong> end <str<strong>on</strong>g>of</str<strong>on</strong>g> <strong>the</strong>ir term <str<strong>on</strong>g>of</str<strong>on</strong>g> validity;