President Cyril Ramaphosa has signed the Cybercrimes Bill into law, with parts of the bill now set to take effect from 1 December 2021.
MyBroadband reported that these provisions criminalise sending certain types of harmful messages on social media in South Africa. Penalties for sending such messages include imprisonment for up to three years and/or a fine.
The proclamation comes after Ramaphosa signed the Cybercrimes Act into law at the start of June.
The Cybercrimes Act defines three types of harmful messages that have been criminalised in South Africa. They are messages which:
- Incite damage to property or violence.
- Threaten people with damage to property or violence.
- Unlawfully contain an intimate image.
In addition to criminalising certain harmful messages, the Act also includes definitions for cyber fraud, forgery, extortion, and theft of incorporeal property.
The Act creates offences for and criminalises, amongst others, the disclosure of harmful data messages, said Ahmore Burger-Smidt, director and head of Data Privacy Practice at Werksmans Attorneys said in an analysis of the changes.
Other offences include cyber fraud, forgery, extortion and theft of incorporeal property, said Burger-Smidt.
“The unlawful and intentional access of a computer system or computer data storage medium is also considered an offence along with the unlawful interception of, or interference with data.”
“This creates a broad ambit for the application of the Cybercrimes Act which defines ‘data’ as electronic representations of information in any form.”
A person convicted of an offence under the Cybercrimes Act is liable to a fine or imprisonment for a period of up to fifteen years or to both a fine and such imprisonment as may be ordered in terms of the offence.
Burger-Smidt said that the Act would also have an impact on businesses, especially considering its overlap with the Protection of Personal Information Act (Popia), amongst other regulatory codes and pieces of legislation.
Popia, which deals with personal information, aims to give effect to the right to privacy by protecting persons against the unlawful processing of personal information.
“One of the conditions for lawful processing in terms of Popia is security safeguards which prescribes that the integrity and confidentiality of personal information must be secured by a person in control of that information,” she said.
“This is prescribed by Popia in order to prevent loss, damage or unauthorised access to or destruction of personal information.”