Press Room

Cybercrimes Act is Signed into Law

Posted on by Megan Dyamond

On 26 May 2021 President Ramaphosa signed the Cybercrimes Bill into law. The Cybercrimes Bill was first published on 28 August 2015, updated on 19 January 2017 and was introduced in Parliament on 22 February 2017. The Bill went through rigorous rounds of commentary in the public participation phase in 2017. After consideration of these comments, the Bill in its current form was published in 2018.

The Bill was reviewed by the National Council of Provinces in 2019, which requested input from various stakeholders and opened another round of public participation. The Bill was presented to both houses of Parliament and passed in December 2020 and has been waiting for the President’s assent since then. The Bill, now an Act of Parliament, will only come into operation on a date fixed by the President – the commencement date – which has not yet been released.

The focus of the Cybercrimes Act is on criminalising the theft and interference of data in South Africa, bringing South African laws in line with the rest of the world.

The objectives of the Act are to:

  • Create offences and impose penalties which have a bearing on cybercrime;
  • To criminalise the distribution of data messages which are harmful and to provide for interim protection orders;
  • To further regulate jurisdiction in cybercrime.

The Act regulates and empowers authorities to investigate cybercrimes and imposes obligations on service providers and financial institution to cooperate and assist with investigations into cases of cybercrime.

The Cybercrime Act criminalises certain offences, most related to data, messages, computers and networks. E.g.

  • Hacking;
  • Unlawful interception of data;
  • Ransomware;
  • Cyber forgery; and
  • Cyber extortion.

It will be interesting to watch how the Government will empower its organs of state to fulfil their duties in terms of the Act. For example, the Minister of Police is obliged to establish and maintain:

  • a Point of Contact for cyber crimes, and
  • the capacity to detect, prevent and investigate cybercrimes.

Both of duties will require costly upgrades to current infrastructure and additional employment of experts.

Until the commencement date of the Act is released we will have to wait for more detailed Regulations and relevant stakeholders’ plans to fulfil their obligations in terms of the Act. The latest version of the Bill can be found here.

Currently, cybercrimes can be reported at any SAPS station. The SAPS website provides a number of tips to avoid falling prey to cybercriminals.

If you require advice on cybercrimes, do not hesitate to contact us.

About the author

Megan Dyamond

Megan started her articles with Dunsters in 2020 and is a graduate of the University of Cape Town (B.COM PPE, LLB). Megan is in the commercial team at Dunsters and enjoys working on drafting all kinds of contracts as may suit our clients’ needs. Her areas of interest lie broadly in the commercial sphere, with a more specialised focus on technology and the law. Megan also writes and oversees the editing of our insights and articles.

In her spare time Megan is Chairperson of the Cape Town Candidate Attorneys’ Association, loves to paint and prefers to spend her weekends outdoors. Cold-water swimming, running and hiking, she is keen on all the outdoor activities Cape Town has to offer.

We use cookies to analyse website usage and other technical information to improve the functionality of our website   View more
Cookies settings
Accept
Privacy & Cookie policy
Privacy & Cookies policy
Cookies list
Cookie name Active
This policy informs you how we will use your personal information, by using our services and/or website you consent to our use of your personal information for the purposes described herein.
  1. DEFINITIONS
  •  “PERSONAL INFORMATION”
    • Personal Information means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to, name and surname; identification number; physical address; contact information such as an email address and telephone number.
  • “DATA SUBJECT”
    • Data Subject means the person to whom personal information relates.
  • “RESPONSIBLE PARTY”
    • Responsible Party means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information.
  • “IDENTIFICATION INFORMATION”
    • Identification Information means information that can be used to identify the data subject.
  • “COMPLIANCE INFORMATION”
    • Compliance Information means information that is needed by Dunsters Attorneys for us to be compliant with relevant laws including the Financial Intelligence Centre Act “FICA” and regulatory standards and government orders such as Anti-Money Laundering (AML), Know-Your-Client (KYC) and Counter-Terrorist Financing (CTF).
  •  “COMMUNICATION INFORMATION”
    • Communication Information includes all correspondence such as emails and messages.
  • “FINANCIAL INFORMATION”
    • Financial information means any information relating to payment of invoices, including but not limited to banking information and account details
  1. PERSONAL INFORMATION COLLECTED
  • We may collect website usage and other technical information such as details of your visits to our website through cookies and other tracking technologies. Cookies are small data files stored by your computer to help improve functionality or tailor information to provide visitors with more relevant pages.
  • The information we collect may include information provided to us through your initial correspondence, possibly including:
    • Name and Surname
    • Email address
    • Contact numbers; and/or
  • This may also include information that we may have requested, and you subsequently provided, including, but not limited to:
    • Compliance Information
    • Identification Information
    • Communication Information
    • Financial Information
    • Other Personal Information
  • Reasons for collection of your personal information will be explained to you when we collect/request the information. We may request certain personal information to comply with global industry regulatory standards, local regulatory standards or government orders.
  • You, the data subject, consent to our use of your information in line with this privacy policy and/or any terms of engagement you may sign with us. If you wish to revoke your consent, please email enquiries@dunster.co.za .
  1. ACQUISITION OF PERSONAL INFORMATION
  • We acquire information from you directly, save where accessible from publicly available sources.
  • Information may be collected through various platforms, including:
    • Our onboarding process with you
    • Email engagement
    • Telephonic engagement
    • In-person engagement
    • Cookies
  1. PURPOSE OF COLLECTION OF PERSONAL INFORMATION
    • Your personal information may be collected and saved on our system for the following purposes:
      • To enable us to provide legal services.
      • To send news, updates and marketing information.
      • To review job applications.
      • To comply with legal requirements
    • Your personal information will not be used for the following purposes:
      • We will never use your personal information for direct marketing purposes without your consent (you may opt-out of our newsletter at any time)
      • We will never disclose your personal information to another third party without permission from yourself, unless it is required for fulfilment of our legal services or as mandated by law.
  1. RIGHTS OF DATA SUBJECTS
  • Right of the data subject under the POPI Act include, but are not limited to:
    • Having access to their recorded personal information
    • Requesting correction or amendment to their personal information and to have information corrected or amended
    • Requesting deletion or destruction of personal information from the responsible party’s system
    • Objecting to the processing of personal information
    • Submitting a complaint to the Regulator regarding the alleged interference with the protection of the personal information of any data subject or submitting a complaint to the Regulator (POPIAComplaints@inforegulator.org.za)
    • Instituting civil proceedings regarding the alleged interference with the protection of their personal information.
  1. RETENTION OF RECORDS
  • We will retain your information for the period required by law.
  • Where we retain your contact information for any period other than may be prescribed by law, we retain this information to keep you updated of our various offerings and news. By not unsubscribing from newsletter, you consent to us retaining your personal information on our records indefinitely, for the purposes explained above, including, to keep you informed about news and updates pertaining to Dunsters Attorneys Inc.
  1. SECURITY AND DATA PROTECTION
  • We take reasonable technical and organisational measures to secure the integrity of your personal information and use accepted technological standards to prevent unauthorised access to or disclosure of your personal information, and protect your personal information from misuse, loss, alteration and destruction.
  • The measures that are taken in order to protect your personal information include:
    • Physical measures: access to physical copies of your information is controlled using strict protocol.
    • Electronic measures: firewalls and password protection
  1. DISCLAIMER AND USER OBLIGATIONS
  • While we will take all reasonable steps to ensure the security of your data and personal information according to industry standards, it is not possible to guarantee the complete security of all information provided at all times.
  • We will notify you as soon as reasonably practicable of any breach of security, loss of or damage to your personal information.
  • Data subjects are responsible for taking reasonable precautions to safeguard their personal information.
  • Although we endeavour to ensure your information is as correct as possible, you are responsible for notifying us of any changes to your data or personal information in respect of the services provided and/or your account with us.
  • We will not be held liable for losses of any nature which are due to incorrect data or personal information provided by users in respect of the service provided.
  • We will not be held liable for any loss or damage arising from a security breach or disclosure of your personal information or data, to the maximum extent permitted by law.
  • We shall not be liable for any damage or interruptions caused by any computer viruses or other malicious code that may affect your computer or other equipment, or any phishing, spoofing or other attack.
  • If you suspect that your personal information has been compromised, or that there has been unauthorised use of your email address by any person, or any other violations to the security of the website, please contact us.
Save settings
Cookies settings