The rapid developments in technology have left many electronic spaces unregulated, with lack of or minimal protection to the consumer. However, 2019 could see some new regulatory developments aimed at affording the consumer a more favorable position, particularly in the electronic sphere.

The Protection of Personal Information Act, 2013 (POPIA), is South Africa's first piece of comprehensive data protection legislation. Although partially in effect, the substantive provisions of POPIA are yet to become fully effective. The final Protection of Personal Information Regulations were published on 14 December 2018, and their publication seems to indicate that the POPIA may well become effective during 2019.

One of the major changes that POPIA will bring about relates to direct marketing practices in South Africa. POPIA will override the direct marketing sections of the Electronic Communications and Transactions Act, 2002, which have applied hitherto, and will apply to all direct marketing that is conducted electronically. POPIA will require opt-out consent for existing customers and opt-in consent for new customers, thereby favoring the consumer.

Another new development relates to crypto assets. On 16 January 2019, the Intergovernmental FinTech Working Group and Crypto Assets Regulatory Working Group released a consultation paper on crypto assets. The paper specifically identified risks associated with consumer vulnerability as a result of sellers of crypto currencies not being regulated. The consultation paper recognizes, amongst other things, that there is no regulation or independent oversight in place to ensure that prices, fees and charges involved in crypto asset transactions, are set fairly and transparently. The paper goes on to advocate regulation to ensure consumer and investor protection in the crypto asset space, and proposes introducing regulation in phases, commencing with registration of traders and crypto asset products, and culminating in full regulation, over a period of two to three years.