The Deputy Minister of Justice and Constitutional Development, John Jeffery, said the country’s new Cybercrimes and Cybersecurity Bill will be tabled in Parliament soon.
The Bill has already been approved by Cabinet.
“The Bill aims to put in place a coherent and integrated cybersecurity statutory framework to address various shortcomings which exist in dealing with cybercrime and cybersecurity in the country,” stated the SA Government website.
The purpose of the Cybercrimes and Cybersecurity Bill is to:
- Create offences and prescribe penalties;
- Further regulate jurisdiction;
- Further regulate the powers to investigate, search and gain access to or seize items;
- Further regulate aspects of international cooperation in respect of the investigation of cybercrime;
- Provide for the establishment of a 24/7 point of contact;
- Provide for the establishment of various structures to deal with cybersecurity;
- Regulate the identification and declaration of National Critical Information Infrastructures and provides for measures to protect National Critical Information Infrastructures;
- Further regulate aspects relating to evidence;
- Impose obligations on electronic communications service providers regarding aspects which may impact on cybersecurity;
- Provide that the President may enter into agreements with foreign States to promote cybersecurity; and
- Repeal and amend certain laws.
How it will affect you
Michalsons law firm has published an overview of the Cybercrimes and Cybersecurity Bill, explaining why we need it and who will be affected by it. The bill is aimed at keeping South Africans safe from cybercrime and consolidates the country’s cybercrime laws into one place.
People who will be affected by the new bill include “everyone who uses a computer or the Internet”, along with:
- People involved with IT or POPI compliance;
- Electronic Communications Service Providers;
- Providers of software or hardware tools that could be used to commit offences;
- Financial services providers;
- Owners of copyrights and pirates;
- Information Security experts; and
- Anyone who owns an Information Infrastructure that Government could declare as critical.
What the bill deals with
The bill creates around 50 new offences, which are related to data, messages, computers, and networks, said Michalsons.
These offences include:
- Using personal information or financial information to commit an offence;
- Unlawful interception of data;
- Computer-related forgery and uttering; and
- Extortion or terrorist activity.
The penalties for these offences range from 1-10 years in prison or up to a R10-million fine.
The bill also aims to protect critical infrastructure of a strategic nature from interference and disruption.
This infrastructure includes that which aids in keeping the country’s security, defence, and law enforcement operational; and provides essential services.
Powers to investigate
“The Cybercrimes and Cybersecurity Bill gives the South African Police and the State Security Agency extensive powers to investigate, search, access, and seize just about anything – like a computer, database, or network,” said Michalsons.
As part of the requirements of the bill, the Minister of Police must establish a National Cybercrime Centre and a Cyber Response Committee, of which the chairperson will be the Director-General: State Security.
The Minister of Defence must also establish and operate a Cyber Command, while the Minister of Telecommunications and Postal Services must establish a Cyber Security Hub.