Contact

The Cybercrimes Bill is one step away from becoming law

Back to top

The Cybercrimes Bill is one step away from becoming law

On 1 July 2020, the National Council of Provinces (NCOP) passed the Cybercrimes Bill, which now awaits President Cyril Ramaphosa’s assent.

7 Jul 2020 4 min read Technology, Media & Telecommunications Alert Article

The Cybercrimes Bill arrives on the President’s desk after a significant Parliamentary process involving numerous deliberations, proposed amendments and an extensive public participation process. In terms of section 79(1) of the Constitution, the President is required to assent to the Bill (i.e. sign the Bill into law) or refer it back to the National Assembly for reconsideration if he has reservations about its constitutionality. If the President assents to the Bill, the Bill will become a law of the Republic of South Africa.

The controversial ‘Cybercrimes and Cybersecurity Bill’

The Cybercrimes Bill is the product of an interesting legislative process where the ‘Cybercrimes and Cybersecurity Bill (B6–2017)’ (the Old Bill) was subjected to a great deal of scrutiny. The Old Bill was broadly divided into two parts, namely a “cybercrimes” section and a “cybersecurity” section. The criticism against the Old Bill was primarily aimed at the cybersecurity section, which raised various concerns about the government’s extensive powers, including the concern that it violated the right to freedom of expression entrenched in section 16 of the Constitution. This resulted in the clauses in the Old Bill pertaining to cybersecurity being completely removed and its name being changed to the ‘Cybercrimes Bill’ – which now only deals with cybercrimes.

Cybercrimes under the Cybercrimes Bill

The Cybercrimes Bill criminalises, inter alia, the following types of cybercrimes:

  • unlawful access – which includes the unlawful and intentional access to data, a computer program, a computer data storage medium or a computer system (commonly referred to as “hacking”);
  • unlawful interception of data – which includes the acquisition, viewing, capturing or copying of data of a non-public nature through the use of hardware or software tools;
  • unlawful acts in respect of software and hardware tools – being the unlawful and intentional use or possession of software and hardware tools that are used in the commission of cybercrimes (such as hacking and unlawful interception);
  • unlawful interference with data, computer programs, storage mediums and computer systems – being the unlawful and intentional interference with data, a computer program, a computer data storage medium or computer system;
  • cyber fraud – being fraud committed by means of data or a computer program or through any interference with data, a computer program, a computer data storage medium or a computer system;
  • cyber forgery – being the creation of false data or a false computer program with the intention to defraud;
  • cyber uttering – being the passing-off of false data or a false computer program with the intention to defraud; and
  • malicious communications – being the distribution of data messages with the intention to incite the causing of damage to any property belonging to, or to incite violence against, or to threaten a person or group of persons, including the distribution of “revenge porn”.

Penalties

The Cybercrimes Bill prescribes the sentences that offenders will be liable to on conviction of the cybercrimes created by the Bill, which entail fines and/or imprisonment ranging from five to 10 years, with aggravated offences attracting imprisonment of up to 15 years. In the case of the offences of cyber fraud, cyber forgery and uttering, the Bill provides for broad penalties that could be imposed for anyone found guilty of any of these cybercrimes where a court will have a discretion to impose a penalty that it deems appropriate under section 276 of the Criminal Procedure Act 51 of 1977. Such penalties may include a fine (unspecified), imprisonment, a declaration as a habitual criminal and correctional supervision.

Obligations under the Cybercrimes Bill for businesses in South Africa

The Cybercrimes Bill does not simply prescribe offences and penalties to regulate criminal conduct. The Bill also imposes obligations on businesses in general and on electronic communications service providers (ECSPs) and financial institutions in relation to the commission of cybercrimes. ECSPs and financial institutions will have obligations in relation to (i) the reporting of cybercrimes and (ii) the preservation of evidence in relation to the commission of cybercrimes. Any ECSPs or financial institutions that fail to comply with such obligations could be found guilty of an offence and be liable on conviction to a fine not exceeding R50,000.

Businesses who may fall victim to a cybercrime or who, for example, have an employee who commits a cybercrime, are required to offer cooperation and assist law enforcement officials in any investigations they may conduct. Such businesses may be required to comply with search warrants and/or may be called to comply with directions issued by the court to furnish particulars to the court relating to the computer systems involved in a cybercrime and/or may be requested to comply with court directions to preserve data or evidence relevant in a cybercrime investigation.

The information and material published on this website is provided for general purposes only and does not constitute legal advice. We make every effort to ensure that the content is updated regularly and to offer the most current and accurate information. Please consult one of our lawyers on any specific legal problem or matter. We accept no responsibility for any loss or damage, whether direct or consequential, which may arise from reliance on the information contained in these pages. Please refer to our full terms and conditions. Copyright © 2024 Cliffe Dekker Hofmeyr. All rights reserved. For permission to reproduce an article or publication, please contact us cliffedekkerhofmeyr@cdhlegal.com.

You might also be interested in

30 Nov 2023

by Nicholas Carroll and Jerome Brink

Tax Vertical mergers are back

Section 44 of the Income Tax Act 58 of 1962 (Tax Act) is one of the lesser used of the so-called “ corporate rollover relief rules ”, but is nevertheless one of the more hotly contested. Broadly, it provides for rollover relief from tax where two companies amalgamate to form one company, the other being liquidated.

Tax & Exchange Control

6 min read

7 Dec 2023

by Sammy Ndolo

Fast-track administration

The Insolvency (Amendment) Bill, 2023 (Bill) proposes to introduce a fast-track administration process. This process will be applicable to companies that qualify as small companies under the Companies Act, 2015 and other companies with assets and turnover, class of creditors, amount of debt, or type of company that the Cabinet Secretary may prescribe.

Business Rescue, Restructuring & Insolvency

2 min read

25 Jul 2023

by Bridget Witts-Hewinson

Demystifying rooftop solar: Understanding the legalities

Senior Associate in our Real Estate Law practice, Bridget Witts-Hewinson joined Simon Brown on Moneyweb.

06:38 Minutes

8 Apr 2024

by Imraan Mahomed

Political parties’ involvement in workplace affairs

It has become a common feature in South Africa for political parties to want to become embroiled in workplace issues. This initially gained prominence with the Economic Freedom Fighters (EFF,) a well-known opposition national political party. The Labour Court has, however, already taken a strong stance against the EFF in two reported judgments: Calgan Lounge v EFF and Others 40 ILJ 342 (LC) a matter in which Cliffe Dekker Hofmeyr (CDH) represented Calgan Lounge in 2018, and Gordon Road Spar v The Economic Freedom Fighters and Others 42 ILJ 1953 (LC) which was subsequently overturned by the Labour Appeal Court (LAC) in 2023 for technical legal considerations. We reported on these judgments in our 12 November 2018 , 4 October 2021 and 24 January 2022 Employment Law Alerts. The Gordon Road Spar judgment, however, needs to be heeded by employers who are faced with a similar dilemma and who intend to engage the assistance of thecourt.    

4 min read

15 Jan 2024

by Heinrich Louw, Megan Rodgers and Amore Carstens

Lexology - In-Depth: Oil and Gas - South Africa

Directors HeinrichLouw, Megan Rodgers and Associate Amore Carstens contributed to the South African chapter of the Lexology - In-Depth: Oil and Gas Law - Edition 11 .

Oil & Gas

1 min read

21 Feb 2024

by Heinrich Louw

A few changes relating to controlled foreign companies

A controlled foreign company (CFC) is essentially a foreign company where 50% or more of its shares or voting rights are collectively held by South African residents.

3 min read

This website uses cookies to enhance the browsing experience. For more information, please see our Cookie Policy.

Accept Decline