The Protection from Harassment Act, while a welcome piece of legislation, poses several practical problems that mean it could be thwarted by cyber bullies hiding on the Internet.
The law, which came into effect on Freedom Day, is SA's first attempt to open legal channels for those who have been bullied online. Under the Act, the victim of a cyber bully can seek an interim protection order, which will be granted as long as the court is satisfied the respondent has harassed, or is harassing, the applicant and that harm has or may be caused.
However, as the interim order has to be served after being granted, mobile operators and Internet service providers (ISPs) can be asked to track down relevant parties. Electronic service providers can be forced to hand over the name, surname, identity number and address of the person to whom the IP address, e-mail or cellphone number belongs.
Service providers that fail to hand over information can be fined R10 000, while their staff could be jailed for six months. Although larger companies, such as MWeb and Vodacom, say they will be able to cope with the Act's requirements, concerns have been raised as to practicalities and the effect on smaller players.
Much needed
Marc Furman, legal manager of Internet Solutions, says there is a need for legislative tools to combat sexual and other harassment and, in particular, online harassment and bullying. He notes that ISPs have a role to play in assisting the courts and law enforcement agencies in the policing and enforcement of rules to combat this kind of behaviour.
MWeb ISP CEO Derek Hershaw adds that the company will disclose information when required to by a recognised law enforcement body's legal request. He says MWeb does not see any problems implementing the law, as there are no new obligations.
Vodacom concurs, saying the Act is not fundamentally different to other pieces of legislation which require information disclosure to law enforcement agencies. "Vodacom already has processes in place to disclose information requested by the different law enforcement agencies."
Practical challenges
However, Furman says the law "poses some concern in seemingly assuming that in all cases an ISP would be able to provide details of identity of an individual online". He points out that there are cases where South African ISPs would be unable to assist at all if the online activity took place outside of SA.
In those instances, law enforcement officials would have to make inquiries with international companies, such as Google or Facebook, "which would not likely be successful", says Furman. Locally, ISPs may have the logs, but it can be a technical challenge to identity the correct ISP, he adds.
Furman points out that while larger ISPs have abuse desks that could, in most cases, manage the queries envisaged in this legislation, smaller entities may need to significantly enhance call centre and abuse desk resources.
"It is difficult to quantify right now the systems and resources that will be required to make this kind of legislation a success," says Furman. He adds this will depend on the number of enquiries as a result of the new law.
"There is a need for this legislation, and the Act and its regulations are a good step forward. But for it to succeed, more than just good intentions are required."
Furman says the authorities will have to work with the industry to make sure practical procedures are put in place so the law "does not end up becoming a costly and burdensome set of rules and regulations that do not help those it is intended to help".
Open to abuse
Arthur Goldstuck, MD of World Wide Worx, notes the law is overdue. "Harassment via phone, SMS, e-mail and social media is so widespread, it has developed into a layer of emotional abuse that simmers just below the surface of our nation's psyche. Any tools that strip away protection of abusers should be welcomed."
However, Goldstuck says "chances are that, to be fully compliant with the law, ISPs and network operators will have to introduce additional systems and employ more people, making it a costly exercise for all involved".
Goldstuck adds the law does present some areas of concern, such as the ability of ISPs in particular to identify perpetrators. "There are so many tools of obfuscation available that the determined perpetrator will be able to skip around the law unless the service providers, as well as law enforcers themselves, are as well-versed in these tools as are the perpetrators."
There is also the likelihood that the law will be abused, says Goldstuck. "As easy as it is to perpetrate abuse under the cloak of anonymity, it is as easy to fabricate abuse in order to incite police action against the supposed perpetrator... In a worst-case scenario, we could see the Act lead to the abuse of privacy that it is designed to prevent."
While Goldstuck says there should be a sanction for false claims, it is more important to have a law that provides protection and recourse.
Practically, it is also difficult to enforce due to the limitations on service providers being able to access log files housed in foreign countries, as is the case with Facebook, says Goldstuck. "While Facebook does usually comply with justice officials' requests for cooperation, this is far more difficult when it comes from outside the jurisdiction within which Facebook houses its records."
Share
