Subscribe

Cyber security Bill nears implementation

Simnikiwe Mzekandaba
By Simnikiwe Mzekandaba, IT in government editor
Johannesburg, 28 Apr 2016

ITWeb Security Summit 2016

Don't miss the definitive event for security professionals:
17-18 May (conference and expo), 19 May (workshop)
Vodacom World, Midrand
Book today!

Government's highly-criticised national Cyber Crimes and Cyber Security Bill (cyber security Bill) will "shortly be taken through the Parliamentary process ahead of implementation".

This is the word from minister in the State Security Agency (SSA), David Mahlobo, who delivered his budget vote speech this week, and said the cyber security Bill had been completed and presented to Cabinet.

"The National Development Plan commits government to improving cyber security so as to create a secure, dependable and reliable cyber environment," stated Mahlobo.

He added: "The latest information on cyber attacks indicate most attacks are no longer perpetrated by cyber geeks sitting behind computers, but rather by automated programs which can run constantly with the aim of exploiting opportunities in people, governments, businesses and societies."

According to Mahlobo, the country loses up to a billion rand annually due to cyber crime.

SA has been criticised for its lack of decisive policy and control over cyber crime. To address this, the SSA moved to make cyber security top priority and published a new draft of the cyber security Bill on 28 August 2015.

The cyber security Bill aims to give SA a co-ordinated approach to cyber security, according to the SSA.

The Bill also creates new offences (about 50) that are related to data, messages, computers and networks. An example of a new offence would be if someone is using personal or financial information to commit an offence, hacking, unlawful interception of data, as well as computer-related forgery and uttering, extortion or terrorist activity.

In terms of the Bill, penalties for committing an offence can range from one year to 25 years imprisonment, or a fine of R1 million to R25 million.

The new draft cyber security Bill has been criticised for giving government too much power.
The new draft cyber security Bill has been criticised for giving government too much power.

Although the new Bill aims to deal with cyber crime and improve the security of SA's Internet users, it has been wildly criticised by Right2Know (R2K).

The freedom of expression and advocacy group called for the cyber security Bill to be scrapped on the grounds it gives government too much power.

According to R2K, the new Bill is complex and has far-reaching powers.

The advocacy group listed seven deadly sins of the Bill on its Web site, which include handing over control of the Internet to the ministry of State Security, granting backdoor access to any network, and increasing the state's surveillance powers. It says it is even more invasive than RICA.

R2K proposed the only solution would be to scrap the Bill and start again - "this time with the proper public participation and the need to protect and preserve the democratic spirit of the Internet and ordinary users' right to privacy at the heart of any drafting".

Meanwhile, law firm Michalsons previously also noted the Bill gives the South African Police Service and the SSA extensive powers to investigate, search, access and seize anything (such as a computer, database or network) wherever it might be located, provided they have a search warrant.

Share