An overview of cybercrime law in South Africa

Abstract

The COVID-19 pandemic has accelerated the uptake and use of information communication technologies and led to the digital transformation of different sectors of the economy. For South Africa, the COVID-19 pandemic struck at a time when the South African government had committed itself to leveraging technology for the benefit of its citizens, the private sector, and the public sector. By 2020, South Africa already had in place enabling policy and legal frameworks to assist with the regulation of activities taking place in cyberspace. The increase in broadband access has resulted in the increase of internet users. Due to increase in use of digital technologies and processing of personal data, there has been an increase in cyber-attacks and cybercrimes such as data breaches, identity theft and cyber fraud. Several South African based companies, state owned entities, government departments and citizens have been victims of cyber-attacks. To respond to the growing spectre of cybercrime, the South African government promulgated laws to supplement the existing legal framework. It also operationalised some of the laws which had been passed but had not yet come into operation. This paper gives a summary of the evolution of cybercrime laws in South Africa. It starts off by summarising how common law and the Electronic Communications and Transactions Act addressed cybercrime. The paper then proceeds to discuss the recently promulgated Cybercrimes Act, which is now the primary law criminalising certain online activities. It explores how the various provisions of the Cybercrimes Act address different types of cybercrimes known today. This discussion is aimed at demonstrating that South Africa is no longer a safe haven for cybercriminals.