Introducing South Africa’s Revised Cybercrime Legislation

In February 2017, South Africa made great strides when we introduced a new cybercrime bill to parliamentThere’s no doubt that the 2015 draft of the bill placed excessive restrictions on free speech; dually noted by South African and international civil society organisations. The previous draft prohibited individuals from sharing “a data message which advocates, promotes, or incites hate, discrimination, or violence against a person or group of persons.” However, the South African Constitutions only prohibits freedom of speech relating to incitement to imminent violence, speech that constitutes war propaganda, or hatred based on race, gender, religion, ethnicity that encourages harm.

In comparison with the 2015 bill, South Africa claims the new revised version offers a broader jurisdiction regarding cybercrime; although both versions of the bill enable South Africa jurisdiction over cyber crimes committed within its territory or by its nationals, as well as over foreign-origin cyber crimes that may have an “effect in the Republic”.

The challenge, however, lies less with claiming jurisdiction as it does with establishing effective law enforcement cooperation across borders. In order for the revised draft to succeed, countries must cooperate in investigating and extraditing individuals charged with cyber crimes; a struggle for even the most advanced countries abroad.

Although not fully there yet, the new legislation prepares South Africa to cooperate with other nations regarding cyber crimes. By incorporating elements of the Budapest Convention on Cybercrime, both the old and new drafts contain a 24/7 point of contact and dual criminality requirement. The new draft also contains sections relating to a broader range of requestable data (traffic data, indirect communication, and real-time interception)

Despite efforts to tackle cybercrime head on, South Africa has not ratified the Budapest Convention, nor has it supported the African Union Convention; which aims to harmonise African cybercrime laws. This approach to refrain from multilateral perspectives to cybercrime could become time-consuming; resulting in a disadvantage for South Africa.

Apart from the obvious disadvantages of the revised bill, the bill’s mutual assistance procedures could result in South Africa becoming a regional hub for cooperation amongst other nations. Consistency with the Budapest Convention could result in South Africa qualifying for a cross-border data request agreement with the United States; allowing us accelerated access to data stored by US companies regarding South African crimes.

Regardless of the challenges ahead, South Africa recognises the need to make important adjustments to domestic cybercrime laws, as well as the importance of legal harmonisation, whilst avoiding multilateral institutions that could impinge on its sovereignty. Soon, neighbouring African countries may follow in our footsteps in combatting cybercrime and enforcing uncompromising cyber security measures.