August 2022


ICASA is the primary regulatory authority for the ICT sector comprising telecoms, broadcasting and postal services.  It has, among other powers, the power to address competition in the sector under Chapter 10 of the ECA.  However, this is a limited power, applying only in relation to markets where there is ineffective competition.  ICASA’s powers of enforcement (called ex ante powers) are limited to imposing licence conditions of a particular type on licensees that have significant market power in that or those markets.

The Competition Commission has concurrent jurisdiction (with ICASA) over the ICT sector by virtue of its national oversight over competition in the Republic.  The Commission’s jurisdiction covers mergers of regulated entities including the acquisition of control in some cases, and it can also address anti-competitive conduct by licensees (ex post powers).  ICASA must be consulted in all of these matters.

Competition and the economy

A healthy market could be considered to be one in which there is a reasonable number of licensees that are competitors, providing varied services at reasonable prices, all of whom have broadly equal access to necessary resources.  This approach puts the public interest at the heart of competition.

This view is changing – the number of competitors is not necessarily indicative of a healthy market if some of those competitors cannot sustain themselves and if regulatory intervention is not adequate to prevent large licensees from distorting competition.

The importance of scale

Competition in telecoms at the retail level is generally about price, quality and innovation.  In an economic downturn, price often becomes the most important.  To offer reasonable prices, a licensee needs economies of scale and scope, and preferential or at least equal access to scarce resources.

Building a telecoms network is capital-intensive and the operating costs are substantial.  The greater the market share of that licensee, the more scale it will have and the more efficient it can be, which can enable it to reduce its costs.  The expected outcome is a reduction in price.

The importance of regulation

If there are imbalances in market power and therefore in scale, these are likely to drive small licensees out of the market unless they are offset by regulatory obligations on large licensees, such as sharing access to those scarce resources, price regulation, transparency and accountability obligations.   This is because small operator costs are likely to remain high if they lack scale, and their ability to challenge rivals on price (without prejudicing their own financial position) will be severely limited.

It is at this point that large competitors may engage in anti-competitive practises, decreasing prices below cost, for example, in order to grow their on-net communities and increase their scale further.  These activities should also draw the attention of the Competition Commission.


All private and public bodies must appoint an Information Officer (IO).  In the case of private companies, the head of the organisation (usually the CEO) is automatically the IO unless he or she delegates this role to someone else. There are forms available on the Information Regulator’s website that must be completed for both the appointment of the IO and the delegation of the IO’s duties.

The IO has specific duties including the creation and implementation of a compliance framework within the company, the publication of a Promotion of Access to Information Act Manual (also known as a PAIA manual), receiving and dealing with requests for access to personal information, and training.  The PAIA manual is a document that takes a standard form, which can be downloaded at Understanding PAIA (  However, the information that is included in the manual is specific to each organisation.  Every company must have a PAIA manual that is published to their website and available at their offices.  This manual deals with the rules for accessing information needed by a person to protect or enforce a right.

The IO must, in order to properly deal with personal information and processing, ensure that every kind of risk to personal information is addressed by implementing various rules and safeguards within the company.

In addition to the manual, the IO must establish the processes for obtaining consent from existing data subjects i.e. those people whose personal information the company already has, and future data subjects.  The processes for collecting, storing, using, accessing and destroying that information must all be documented and enforced.

 To find out more, contact us.  This is not legal advice.