Cybersecurity Bill goes to Parliament

The new and proposed Cybercrime and Cybersecurity Bill, which aims to create offences and prescribed penalties related to cybercrime, will be presented to Parliament within a few weeks.

The offences provided for in the bill aim to protect the confidentiality, integrity and availability of computer data and systems by means of the offences of unlawful access, interception of protected data, malware-related offences, interference with data and computer systems and password-related offences.

The bill was made available for public comment in 2015 and comments were taken into account in the finalisation of a further draft of the bill.

Briefing the media on Thursday, the Deputy Minister of Justice and Constitutional Development John Jeffery, said the bill criminalises cyber-facilitated offences by means of the offences of fraud, forgery, uttering and extortion, which were adopted specifically for the cyber environment.

“Jurisdiction in respect of all offences which can be committed in cyberspace is expanded substantially in terms of the bill, mainly to deal with cybercrime which originates from outside our borders,” said Deputy Minister Jeffery.

The bill also puts in place specialised procedures, with sufficient checks and balances to protect the rights of an accused person and other users of information communication technologies to deal with the investigation of cybercrimes.

Deputy Minister Jeffery said since many cybercrimes originate from another country, the bill further provides for procedures which facilitate mutual assistance with other countries in the investigation of cybercrimes.

Malicious communications

With regards to malicious communications, the Deputy Minister said the bill aims to criminalise a data message which incites the causing of any damage to any property belonging to, or violence against a person or a group of persons, which is harmful, intimate in nature and distributed without the consent of the person involved.

“Provision is made in the bill for an interim protection order pending finalisation of criminal proceedings. In terms of the protection order, a court may prohibit any person from distributing the data message or may order an electronic communications service provider or person in control of a computer system to remove or disable access to the data message in question,” Deputy Minister Jeffery explained.

The bill also inserts a new section in the Criminal Law (Sexual Offences and Related Matters) Amendment Act, 227 to criminalise the harmful disclosure of pornography.

The Deputy Minister also addressed the misconceptions surrounding the role of the State Security Agency, which has been assigned a role to coordinate the implementation of the cybersecurity initiative of government.

“The additional structures which need to be established within the State Security Agency do not give any powers to agency to control the internet,” he said.

He further addressed misconceptions around the interception of data and allegations that the bill increases the State’s surveillance powers.

“In order to prove an offence in a court of law, data must be seized as evidence material. If the State cannot seize evidential material to adduce as evidence, it is impossible to prove the guilt of an accused person.”