The Cybercrimes Act 19 of 2020 was signed into law in May 2021, and will become effective on the commencement day identified once published in the gazette. The Act seeks to improve security in the cyberspace by codifying activity identified as offences and requiring entities that store communication and financial information to report any activity that amounts to criminality. The need for such a law resonates with the growing use of cyber systems, programs, and applications. In other words there is growing presence of users on the cyberspace everyday and in turn, increase in criminal activity is a natural result.
While some may argue that most activity the new Act prescribes as criminal are everyday occurrences and which probably will go unabated especially on popular and public platforms e.g Facebook. This argument may hold water but it is important to note that the Cybercrimes Act is not our enemy, threats of security on these platforms are and something needs to be done about it to ensure the safety of the cyberspace amongst users.
In this article we will answer a few questions that are in public discourse with regards to the new Act for the benefit of those who require to be privy to its provisions.
Is the Cybercrimes Act 19 of 2020 in effect?
At the writing of this article, not yet. The Bill (then) was signed into Law by the President in May 2021 after sailing through houses of Parliament in December 2020. As with all other laws assented, they need to be gazetted and will become effective on the commencement date.
Who does the Act affect?
Any party which uses the cyberspace, computer systems, programmes, data storage mediums etc. Individuals, companies and other organisations use this equipment on a daily basis and so are affected by the new Act.
Which offences are introduced by the Act?
The above are some of the offences introduced by the Cybercrimes Act.
What obligations are placed on electronic communications service providers (ECSPs) and Financial Institutions?
Section 54 of the Act places an obligation on electronic communications service providers (ECSPs) and Financial Institutions to report any activity where there is reason to believe that a crime has or is being committed in the use of their computer systems and networks within 72 hours. Further, they are obliged to retain evidence and information of such activity and avail it to law enforcement to assist in the investigations.
Are electronic communications service providers (ECSPs) and Financial Institutions required to actively monitor criminal activity on their systems and networks?
No. they are not required to actively monitor per se, but that where in their normal monitoring processes identify such activity, to report such within 72 hours.
Are Common law fraud and cyber fraud different?
While the Cybercrimes Act definition of cyber fraud retains the same elements as the Common law fraud, cyber fraud however requires that in its commission it ought to be by means of data or a computer programme, or through interference with data or a computer program.
We hope this information has assisted, but you are more than welcome to contact us for further clarity and assistance.
We assist with a wide array of legal services as outlined on our interactive website and other platforms. Our approach is professional and committed.
Kindly contact us for world class assistance.
The information contained in this site is provided for informational purposes only, and should not be construed as legal advice on any subject matter. One should not act or refrain from acting on the basis of any content included in this site without seeking legal or other professional advice. The contents of this site contain general information and may not reflect current legal developments or address one’s peculiar situation. We disclaim all liability for actions one may take or fail to take based on any content on this site.
Subscribe to our Newsletter
Estate Agent Training
Bond & Transfer Calculator
Get the latest updates in your email box automatically.