Cybercrimes Bill defanged, but our privacy rights are still not secured

By Murray Hunter and Alison Tilley 21 December 2018

You may not have noticed, but in the final days of 2018, South Africa scored a win for internet freedom, as legislators defanged the Cybercrimes Bill.

The Cybercrimes Bill had long been viewed as a potential threat to internet freedom, with clauses that might have enabled social media clampdowns or expanded government surveillance. (See previous analysis here and here)

But in early December, after sustained criticism, Parliament agreed to major drafting changes which stripped out almost every one of those clauses.

When the National Assembly finally voted in favour of the Bill, it felt like a news report that a meteor had just hurtled past Earth’s atmosphere would feel – you may not have known, but we narrowly escaped its catastrophic impact.

To understand the changes, we first have to look at what was in the Bill when it came to Parliament in 2017. (We won’t go into the 2015 draft Bill, which was shot to pieces for heavy-handed clauses on copyright and on state secrecy – these were withdrawn before the Bill got to Parliament.)

In 2017, the Bill had two main parts – the first half related to ‘cybercrimes’, and the second to ‘cybersecurity’. The section on ‘cybercrimes’ was driven by the Department of Justice, with the intention of updating definitions of various cyber-related crimes, such as online fraud, hacking, and data theft, and improving the state’s capacity to fight these. There were significant criticisms of certain provisions, but few people argued with the underlying need for updated cybercrimes policy.

The second half of the Bill – the ‘cybersecurity’ section – was driven by the state-security structures, and that’s where internet freedom was really put at risk. In the name of cybersecurity, these provisions would have transferred far-reaching powers to the State Security structures, then under former minister David Mahlobo, to get access to and oversee any network, database or device on the internet, if the Minister mandated it. In the style of ‘national key points’, the Minister could declare any part of the internet (network, device or server) to be subject to invasive vetting by State Security structures for national security reasons, at a time when the same state security structures were already displaying an appetite for unchecked spying and monitoring of the populace.

At the same time, Mahlobo famously proposed that the Bill would be needed to regulate ‘false narratives’ on social media. This specific proposal was realised with the insertion, by persons unknown, of a clause that would have made it a crime to post a message deemed to be “inherently false” and “aimed at causing mental, psychological, physical or economic harm”.

All of these proposals rightly raised the alarm that the Bill had provisions that could pose a serious threat to internet freedom and freedom of expression.

But after months of stalemate, in October and November, the Bill’s drafters took major steps to address those concerns.

In late October, the Department of Justice tabled a new version before Parliament which had the entire ‘cybersecurity’ section stripped out, removing every single proposal advanced by the Mahlobo’s State Security. This new version also offered key improvements to the ‘cybercrimes’ sections which sought to address concerns about freedom of expression. The National Assembly eventually voted in support of this new version of the Bill.

So, the year 2018 closes with at least a partial victory for internet freedom – no powers for State Security, no ‘fake news’ clauses, and (though the final version of the Bill is not above criticism) the promise of more effective policing of online crimes such as fraud, hacking, and ‘revenge porn’.

It’s worth celebrating.

Still, in 2019 we need much more. Far too many people don’t know this, but South Africa has an existing law that would protect millions of people from having their personal information misused or stolen online.

The Protection of Personal Information Act (POPI) was signed into law five years ago, but a series of baffling bureaucratic delays mean that it isn’t yet in force. If it were in force, any government or private entity that misused your personal information could be investigated and penalised by a new watchdog body called the Information Regulator. But, years after the law was passed, and after a plethora of major data breaches, the Information Regulator (now headed by Adv Pansy Tlakula) is still staffed by only a handful of people, and the full protections in the POPI law won’t come into effect until that changes.

Each arm of government seems to blame another for these delays, but for ordinary people, the effect is the same: our personal information can be stolen or leaked online at any time, and the watchdog that should be in place to protect us, isn’t.

The failure to bring this signature law into force is even more baffling as we head towards the 2019 elections, given evidence in the US, UK and elsewhere that the popular vote can be manipulated by those with unregulated access to people’s personal data.

So, the year closes with an overlooked legislative victory for your digital rights. But the next year opens with a major overlooked threat to those same rights. So get some rest this festive season – there’s a big battle still ahead of us. DM


In other news...

South Africa is in a very real battle. A political fight where terms such as truth and democracy can seem more of a suggestion as opposed to a necessity.

On one side of the battle are those openly willing to undermine the sovereignty of a democratic society, completely disregarding the weight and power of the oaths declared when they took office. If their mission was to decrease society’s trust in government - mission accomplished.

And on the other side are those who believe in the ethos of a country whose constitution was once declared the most progressive in the world. The hope that truth, justice and accountability in politics, business and society is not simply fairy tale dust sprinkled in great electoral speeches; but rather a cause that needs to be intentionally acted upon every day.

However, it would be an offensive oversight not to acknowledge that right there on the front lines, alongside whistleblowers and civil society, stand the journalists. Armed with only their determination to inform society and defend the truth, caught in the crossfire of shots fired from both sides.

If you believe in supporting the cause and the work of Daily Maverick then take your position on the battleground and sign up to Maverick Insider today.

For whatever amount you choose, you can support Daily Maverick and it only takes a minute.

Support Daily MaverickPayment options

Comments - share your knowledge and experience

Please note you must be a Maverick Insider to comment. Sign up here or if you are already an Insider.

Special Investigation

CITES RHINO FILES: Death or glory for species on the ban wagon?

By Tiara Walters


Marikana & the seven-year struggle

Greg Nicolson, Chanel Retief and Yanga Sibembe 18 hours ago

The Pentagon has twice as many bathrooms than necessary due to segregation being in force when it was constructed.