In South Africa, a large number of people have suffered massive losses due to cyberattacks such as hacking and identity theft. Historically, the country has not had a strong framework or specific rule of law in place to prosecute cybercrimes. However, on the 26th of May 2021, the Cybercrimes Act was signed into law by the president of South Africa to protect the country against any malicious cybercrimes.
In this article we critically discuss and answer the following questions:
- What is the Cybercrimes Act No.19 of 2020?
- Who is affected by this Act?
- Why do we need this Act?
- The Act has commenced, now what?
What is the Cybercrimes Act No.19 of 2020?
Due to the Covid-19 pandemic, organisations decided to take necessary precautions to eliminate the spread of the virus by working from home. However, the number of cybercrimes, as a result, has quadrupled due to unprotected and outdated systems. It is not only organisations that are affected by cybercrimes globally, but also individuals who face financial losses and other related issues from cybercrimes such as malicious communications, receiving threats on social media, hacked accounts, disclosure of personal information without consent, identity theft, and more. The Cybercrimes Act 19 of 2020 was, therefore, introduced in South Africa to help combat cybercrimes by prosecuting transgressors and minimising cyber-attacks. The act commenced on the 1st of December 2021; this means that South Africa now has a comprehensive law to regulate cybercrime.
- Who is affected by this Act?
- Small and large business entities.
- Everyone who uses a computer or the internet.
- Everyone who uses social media.
- All Electronic Communications Service Providers (ECSPs).
- Financial institutions.
- Representatives from various government departments.
- Providers or vendors of software or hardware tools that could be used to commit cyber offenses.
- Information security experts.
- The South African Police Services.
Why do we need this Act?
- To create offenses that have a bearing on cybercrime.
- To criminalise the disclosure of data messages which are harmful and to provide for interim protection orders.
- To further regulate jurisdiction in respect to cybercrimes.
- To further regulate the powers to investigate cybercrimes.
- To further regulate aspects relating to mutual assistance in respect of the investigation of cybercrimes.
- To provide for the establishment of a designated Point of Contact.
- To further provide for the proof of certain facts by affidavit.
- To impose obligations to report cybercrime.
The Act has commenced, now what?
Several sections of the Act have commenced, these sections introduce malicious communication as a crime. Many people will commit a cybercrime unintentionally especially on social media. WWISE has the expertise and experience to help you unpack and understand the requirements of the Act. We offer ongoing awareness training for staff members to prevent a lapse in cybersecurity and to cease cybercrimes from crippling the operations or reputation of a company.
For more information on how WWISE can assist in transforming your organisation’s cybersecurity risk profile, contact the cybersecurity team at WWISE on 086 109 9473 or (021) 525 9159 (Cape Town), email us at email@example.com or visit our website at www.wwise.co.za.