Thursday, 3 September 2015

Draft Cybercrimes and Cybersecurity Bill published for comment in RSA

The Department of Justice and Constitutional Development invites the public to comment on the draft Cybercrimes and Cybersecurity Bill. A discussion document on the bill is contained here.
According to The Department of Justice and Constitutional Development, "it is estimated that cyber-related offences are escalating and currently exceed a value in excess of R1 Billion annually". Afro Leo is not sure how they reached this figure but suspects that it is far greater than that because:
  • Most of the value within a business (never mind personal assets) is attributable to intangible assets (see BrandFinance article here, for example). 
  • It is these assets that are most at risk of a cyber-attack (eg theft of know-how and related copyright - Ashley Madison is an example of this type of damage). 
  • The value of RSA annual GDP is roughly R350 billion, representing the total value of goods and services produced in RSA over a year. 
  • R1 billion is only but a small fraction of that, and the risk of cybercrime is very real indeed

As a consequence, the threat from cybercrime represented in monetary terms appears to be far greater. However, according to a report from the BSA published a few years ago (The Software Alliance reported on by the blog here) "South Africa has useful laws in place for cybercrime and electronic commerce". In that report the antiquated state of copyright legislation was cited as a major impediment on the scorecard. Nevertheless, updating opr consolidating legislation on cybercrime is important. So how does the Bill stand up - that is what the legislature want to know.
The draft Bill focuses on:
  • Creating offences and prescribing penalties related to cybercrime.
  • Regulating jurisdiction, as well as the powers to investigate search and gain access to or seize items in relation to cybercrimes.
  • Regulating aspects of evidence, relative to cybecrimes.
  • Regulating aspects of international cooperation in respect to investigations of cybercrimes.
  • The establishment of various structures to deal with cybersecurity.
  • The identification and declaration of National Critical Information Infrastructures and measures to protect these infrastructures.
  • Creating obligations for electronic communications service providers regarding issues that impact on cybersecurity.
Interested parties wishing to comment on the Bill are invited to submit written comments to the Department of Justice and Constitutional Development on or before 30 November 2015. These can be submitted to: Submissions can also be faxed to: (012) 406 4632. For information or queries related to submissions, contact Mr S J Robbertse on: (012) 406 4770.

Reinhardt Biermann will also be covering this topic in today's #SandtonDiscussion at 9am CAT.

No comments: