Keeping SA safe from cyber crime
"Cyber crime law includes laws related to computer crime, cyber crime, information crimes, communications crimes and technology crimes. While the Internet and the digital economy represent a significant opportunity, they are also enablers for criminal activity. Crime affects everyone and in future cyber crime is going to affect people more and more. No one is safe - it impacts the rich and the poor," said attorney John Giles of Michalsons.
"Cyber crime is not some futuristic possibility. It is being committed every day right now. Thieves commit cyber crimes to steal people's money and their identity. With your identity, the thief can take out loans, incur credit, accumulate debt and, then flee without a trace. It can take years to rehabilitate your identity. A virus can destroy someone's files and a lost database can result in receiving unwanted sales calls," continued Giles.
Giles said many people will be asking: Do we need it? But cyber crime is on the increase and the Cybercrimes and Cybersecurity Bill aims to keep the people of South Africa safe from criminals, terrorists and breaches from other states. It also consolidates South Africa's cyber crime laws into one place. Essentially, it aims to stop cyber crime and improve the security of South Africa.
Cyber security is important for national security. But national security cannot override the personal freedom we fought so hard to achieve, explained Giles.
Giles is one of the speakers presenting at the ITWeb's Governance, Risk and Compliance Summit running on 10 and 11 February at Summer Place, Hyde Park, Johannesburg. He will be talking about the South African Cybercrimes and Cybersecurity Bill and its importance to compliance officers, legal advisors, information security experts, forensic investigators and information officers in particular, and what they need to know.
"The Cybercrimes and Cybersecurity Bill aims to keep the people of South Africa safe from criminals, terrorists and other states. It also consolidates South Africa's cyber crime laws into one place. Essentially, it aims to stop cyber crime and improve the security of South Africa," said Giles.
The Cybercrimes and Cybersecurity Bill creates many new offences (about 50). Some are related to data, messages, computers, and networks. For example:
* using personal information or financial information to commit an offence;
* unlawful interception of data;
* compute- related forgery and uttering; and
* extortion or terrorist activity.
The penalties range from one year to ten years' imprisonment or a R1million to R10million fine. So, this equates to a R1million fine or a year in jail. Lots of penalties are either R5million or five years' jail, or R10million or ten years' jail.
The Cybercrimes and Cybersecurity Bill gives the South African Police Service and the State Security Agency (and their members and investigators) extensive powers to investigate, search, access and seize just about anything (like a computer, database or network) wherever it might be located, provided they have a search warrant. Foreign states and South Africa will co-operate to investigate cyber crimes.
To deal with cyber crime, the minister of police must establish and operate a:
* 24/7 Point of contact centre for cyber crimes and appoint a director of it; and
* National cybercrime centre and appoint a director of it.
To improve cyber security, the Cybercrimes and Cybersecurity Bill creates a cyber response committee made up of about 13 people. The chairperson will be the director-general: state security. The minister of state security must establish and operate:
* A cyber security centre and appoint someone from the State Security Agency as its director, and
* One or more government security incident response teams and appoint someone from the State Security Agency as the head of each one.
The minister of defence must establish and operate a cyber command and appoint someone as the general officer commanding.
* Establish and operate a cyber security hub and appoint a director of it, and
* Make different sectors which provide an electronic communications service establish and operate (at their cost) private sector security incident response teams.
The Cybercrimes and Cybersecurity Bill was published on 28 August 2015.