What are cybercrimes?
The Cybercrimes Act 19 of 2020 was signed by the President into law on 26 May 2021 and certain pertinent sections came into effect from 1 December 2021.
The objectives of the Cybercrimes Act include the following:
- To create offences which have bearing on cybercrime, including hacking, unlawful interception of data, ransomware, online fraud, extortion and malicious communications. Offences are punishable by fines or imprisonment up to 15 years.
- To criminalise the disclosure of data messages (eg WhatsApp text messages) which are harmful and to provide for interim protection orders to support victims.
- To further regulate jurisdiction in respect of cybercrimes. In this regard, South African courts now have jurisdiction over relevant offences which are committed outside South Africa, but having a local effect.
- To further regulate the powers to investigate cybercrime. In this regard, the South African police have extensive powers to search, seized or access items which are used in malicious communication or other cybercrimes.
- To impose obligations to report cybercrimes. In this regard, Electronic Communication Service Providers (ECSP) and financial institutions are obliged to report cybercrimes to the police within 72 hours and preserve any information (evidence) relating thereto.
Following the above, in terms of the Cybercrimes Act, any person who UNLAWFULLY and INTENTIONALLY do the actions listed below, is guilty of an offence:
- Access a computer system or data storage medium
- Intercept data within/which is transmitted to/from a computer system
- Using or possessing software or hardware tools to do any of the above
- Permanently or temporarily delete/alter/obstruct or deny access/damage (ie “interfere with”) data or a computer program
- Interfere with a computer data storage medium or a computer system
- Acquire/possess/use/provide to another access, or a password, or similar data, or a device, for purposes to do any of the above
- Make a misrepresentation by means of data, computer program or interference, which causes actual or potential prejudice to another person
- Make false data or computer program, which causes actual or potential prejudice to another person (cyber forgery and uttering)
- Commit or threatens to commit any offence referred to above for the purpose of obtaining any advantage from another person or compelling another person to perform or to abstain from performing any act (cyber extortion)
In addition, any person who commits an offence referred to above in so far as passwords, access codes or devices relate to a restricted computer system, and who knows or ought reasonably to have known or suspected that it is a restricted computer system is, guilty of an aggravated offence.
Further, the theft of incorporeal property (including data, software etc) can be interpreted as theft in terms of the common law.
Any person who discloses a data message (for example a WhatsApp message) to a person, a group of persons or the general public with the intention to incite the causing of any damage to property or violence against a person or any group of persons, or threatens persons with violence or damage to property, is also guilty of an offence.
Crimes must be reported to the police. If you have suffered harm or losses following a person’s crimes, you may have grounds to launch court action (civil action) against them, with the help of a legal practitioner (attorney/advocate).
If you have questions or possible instructions relating to cybercrimes, you are welcome to connect with our top lawyers: https://lawyersworkingfromhome.co.za/connect-with-a-lawyer/