Cyber crime clampdown in works
Revisions are being made to South African legislation in a bid to combat the burgeoning phenomenon of cyber crime, with details expected to emerge in the first quarter of this year.
Government has been criticised for a lack of decisive policy and control over the growing problem of cyber crime. About a year ago, data revealed cyber crime had cost the country over R3.4 billion in one year alone.
Yet, SA still awaits either the release of the National Cyber Security Policy Framework - passed by Cabinet almost three years ago - or another document that will give strategic direction to SA's stance on cyber security.
And it seems government has opted for the latter. Craig Rosewarne, MD of Wolfpack Information Risk, says revisions are being made to SA's legislation that will have a positive impact on combating cyber crime. "There are also new pieces of legislation [in the making] that will help in prosecuting cyber criminals."
While the revised legislation has yet to be paired with a solid timeframe, Rosewarne says comprehensive drafts have already been drawn up.
Ministry of State Security communications head Brian Dube notes the State Security Agency was tasked with coordinating the work pertaining to the implementation of the cyber security policy framework.
"That work is continuing and various government departments have completed the development of their own sector policies which will guide the interventions they need to make in dealing with various incidences of cyber crime and protecting their critical infrastructure and dealing with prosecuting those involved in criminal acts."
Dube says these policies are in various stages of approval. "Government is working on improving the institutional capacity required to deal with this complex global phenomenon. Various structures have also been established to conduct further work, in partnership with the private sector."
Rosewarne says Wolfpack Information Risk has been actively engaging with government. "Very strategic structures are being designed to deal with cyber security in SA."
Dube says further details will be made available when the various clusters of government conduct their briefings after the State of the Nation Address, which is set to take place on the evening of 12 February.
According to Barend Burgers Attorneys, "online offenders" are currently liable for prosecution under the Electronic Communications and Transactions (ECT) Act of 2002. The firm defines online misdemeanours as "hacking, cracking, and other unlawful online activities".
However, the ECT Act does not cover all bases. "Wherever the ECT has not made specific provisions for criminal sanction, [the common law or other statues in place prior to the ECT] will be applied.
"Most of the cyber crime provisions in the ECT are noble endeavours, [but] their enforceability is still to be tested in our South African courts. Given the borderless nature of the Internet and the challenges it poses in terms of jurisdictional questions, international cooperation and uniformity, it is of utmost importance that states learn from each other efforts to deal with cyber crime, and create an international cyber crime code to be applied universally, if any significant success is to be achieved in the combat against cyber crime," concludes Barend Burgers Attorneys.
Another snag with the ECT Act is the fact that one of the departments instrumental in its enforcement, the former Department of Communications (DOC) - and the Independent Communications Authority of SA (ICASA), which fell under it - has essentially been dismantled and reworked into two.
As of May last year, SA's telecoms ministry is the Department of Telecommunications and Postal Services. The DOC is now a government mouthpiece, under which telecoms regulator ICASA falls.