The Cybercrimes Bill -which was first drafted in 2017- has officially been passed by Parliament with the legislation soon to be signed into law by President Cyril Ramaphosa.
While the bill has undergone a number of changes over the past three years, the objectives remain the same:
- Create offences and impose penalties which have a bearing on cybercrime
- To criminalise the distribution of data messages which are harmful
- To provide for interim protection orders around these messages; and
- To further regulate jurisdiction in cybercrime
The Cybercrimes Bill will also enforce communication service providers and financial institutions to assist in the investigation of cybercrimes.
Read More | SA Gov confirms plans to impose TV license fees for streaming services and insists 30% of all Netflix shows must be local
One of the most noteworthy sections of the Cybercrimes Bill deals with malicious communication. Some of the ‘malicious messages’ which are covered under the bill are outlined below.
Messages which incites damage to property or violence
Disclosing, by means of an electronic communications service, a data message to a person, group of persons or the general public with the intention of:
- Causing any damage to property belonging to; or
- Violence against a person or a group of persons is guilty of an offence.
Messages which threatens persons with damage to property or violence
A person commits an offence if they send a message which threatens a person with:
- Damage to property belonging to that person or a related person; or
- Violence against that person or a related person.
This extends to messages which threaten a group of people with damage to property or violence.
This section of The Cybercrimes Bill also includes a ‘reasonable person’ test which states that a message will be considered malicious if a ‘reasonable person’ would perceive the content of the message as a threat.
Any person (Person A) who unlawfully and intentionally discloses, by means of an electronic communications service, a data message of an intimate image of another person (Person B) without their consent is guilty of an offence.
‘Person B’ is identified as:
- The person who can be identified as being displayed in the data message;
- Any person who is described as being displayed in the data message, irrespective of the fact that the person cannot be identified as being displayed in the data message; or
- Any person who can be identified from other information as being displayed in the data message.
The Cybercrimes Bill defines an ‘‘intimate image’’ as a depiction of a person which is real or simulated, and made by any means in which:
- Person B is nude, or the genital organs or anal region of Person B is displayed, or if Person B is a female person, transgender person or intersex person, their breasts, are displayed; or
- The covered genital or anal region of Person B, or if Person B is a female person, transgender person or intersex person, their covered breasts, are displayed.
The section also includes consideration on privacy in that the message will be considered an offence if Person B retains a reasonable expectation of privacy at the time that the data message was made in a manner that:
- Violates or offends the sexual integrity or dignity of B; or
- Amounts to sexual exploitation.