The Cybercrimes and Cybersecurity Bill (“ the Bill”) has been released on 28 August 2015, introducing a number of measures to combat cybercrime in South Africa.
The Bill, according to the preamble and explanatory notes, is designed to bring South African law into line with international standards and create specific offences for internet-related crime.
The Bill inter alia aims to regulate the jurisdiction of the court, to deal with offences and to impose penalties on cybercrime.
The Bill further aims to regulate the powers to investigate, search and access, or seize, as well aspects of international cooperation in respect of the investigation of cybercrime.
The Bill also imposes obligations on electronic communications service providers with respect to cyber security.
The Bill details the following as offences:
• Attempting, conspiring, aiding, abetting, inducing, inciting, instigating, instructing, commanding, or procuring to commit an offence;
• Computer related fraud;
• Computer related forgery and uttering;
• Computer related appropriation;
• Computer related extortion;
• Computer related terrorist activity and related offences;
• Computer related espionage and unlawful access to restricted data;
• Harbouring or concealing a person who commits an offence;
• Infringement of copyright;
• Personal information and financial information related offences;
• Prohibition on dissemination of a data message which advocates, promotes or incites hate, discrimination or violence;
• Prohibition on incitement of violence and damage to property;
• Prohibited financial transactions;
• Unlawful access;
• Unlawful interception of data;
• Unlawful acts in respect of software or hardware tools;
• Unlawful interference with data;
• Unlawful interference with a computer device, computer network, database, critical database, electronic communications network or National Critical Information Infrastructure;
• Unlawful acts in respect of malware; and
• Unlawful acquisition, possession, provision, receipt or use of passwords, access codes or similar data or devices.
The Bill establishes a 24 hour, 7 days a week Point of Contact and various structures to deal with cyber security, furthermore the Bill regulate the identification and declaration of National Critical Information Infrastructures and measures to protect National Critical Information Infrastructures.
The Bill also make provision for the President to promote cyber security and to enter into agreements with foreign States on matters of cyber security.