First Thing, Daily Maverick's flagship newsletter

Join the 230 000 South Africans who read First Thing newsletter.

A South African Hero: You

There’s a 99.7% chance that this isn’t for you. Only 0.3% of our readers have responded to this call for action.

Those 0.3% of our readers are our hidden heroes, who are fuelling our work and impacting the lives of every South African in doing so. They’re the people who contribute to keep Daily Maverick free for all, including you.

We need so many more of our readers to join them. The equation is quite simple: the more members we have, the more reporting and investigations we can do, and the greater the impact on the country. We are inundated with tip-offs; we know where to look and what to do with the information when we have it – we just need the means to help us keep doing this work.

Be part of that 0.3%. Be a Maverick. Be a Maverick Insider.

Support Daily Maverick→
Payment options

Cybercrimes are now officially part of our laws, but th...

South Africa

CYBERSECURITY OP-ED

Not all of the cogs in the Cybercrimes Act machine are turning at once — we still remain vulnerable

The authors say that some sections of the Cybercrimes Act won’t commence immediately from 1 December 2021, and argue it is of concern that they are not operational. (Images: Flickr / gjiongo / Lillian Allen)

The signing into law of the Act is a welcome step, but it is concerning that sections dealing with revenge porn and protection orders are not yet part of the final legislation.

The advent of the Covid-19 pandemic has meant that we are spending more time than ever using our electronic devices. It’s not surprising that crimes related to cyber-security vulnerability and breaches such as internet fraud, email hacks and having one’s privacy compromised by hackers and other entities have become commonplace.

The problem with our law on such crimes is that it is out of date and we are running to catch up with the new and ingenious ways people have of committing crimes. So, we needed a Cybercrimes Act in order to make sure we can use the law effectively to stop cybercrime.

Such a cybersecurity law needs to protect us on three levels: protecting our personal data, protecting our devices, and protecting the networks we use (the infrastructure that connects us to the internet and other people). Our rights to privacy, our right to freedom of expression and our right to access information must be protected. We should not be denied access to our own data by criminals holding our information hostage, or find our bank accounts emptied of their contents.

On 28 August 2015, the first Cybercrimes and Cybersecurity Bill (2015) was published. The final Cybercrimes Bill (2017) was introduced in Parliament on 22 February 2020 and was required to go through multiple public participation processes for comment, during which extensive changes were made. The president of South Africa, Cyril Ramaphosa, signed the Cybercrimes Act (Act 19 of 2020) on 26 May 2021, and has now signed a Presidential Minute indicating that the commencement date of the Cybercrimes Act will be 1 December 2021. Some sections won’t commence immediately, and it is of concern that they are not operational.

Sections of the act dealing with revenge porn are not yet in operation [Section 11B, 11C, 11D and Section 56A(3)(c)-(e) of the Criminal Law (Sexual Offences and Related matter Amendment Act)]. These sections deal with what the act calls the harmful disclosure of pornography. This is understood to be where someone discloses intimate photographs of another person, often on social media, without that person’s consent, with the intention of causing harm, “including mental, psychological, physical, social or economic harm”.

Sections of the act which deal with issuing of protection orders are also not operational (Part VI of Chapter 2). A complainant who lays a charge with the South African Police Service that such an offence has allegedly been committed against them can apply to a magistrate’s court for a protection order pending the finalisation of the criminal proceedings.

These sections are an important part of the cybercrime framework, and it is concerning that we must wait for their long-overdue implementation.

Stopping cybercrime is of course not only the responsibility of law enforcement and prosecutors. We all have a role to play in combating cybercrimes and need to stay alert for such things as phishing, and keeping our anti-virus software updated.

One way to think of cybercrime is to think of it exactly like a virus, like Covid-19. If we all are vaccinated and stay home if we are infected, we can contain the disease. If many of us do not take these precautions, we are all at risk. DM

Sizwe Snail ka Mtuze is a practising attorney and Adjunct Professor at Nelson Mandela University as well as outgoing member of the Inaugural Information Regulator. Alison Tilley is an attorney and a part-time member of the Information Regulator.

Gallery

Comments - share your knowledge and experience

Please note you must be a Maverick Insider to comment. Sign up here or sign in if you are already an Insider.

Everybody has an opinion but not everyone has the knowledge and the experience to contribute meaningfully to a discussion. That’s what we want from our members. Help us learn with your expertise and insights on articles that we publish. We encourage different, respectful viewpoints to further our understanding of the world. View our comments policy here.

No Comments, yet

Please peer review 3 community comments before your comment can be posted