The cyber security legislative and policy framework in South Africa

Abstract

The analysis focuses on the CyberSecurity posture of South Africa within the international legal instruments that profile CyberSecurity and CyberCrime as a strategic issue and a national security imperative. This dissertation provides the definitions dominating African and global literature whilst recognising the absence of agreement on these definitions. The ever-increasing CyberAttacks present a threat to human, economic and national security and is attracting attention from the traditional Air, Marine, and Land space. The CyberSecurity and CyberCrime debates are progressive and maturing ones that originate from the International Convention, the Council of Europe Convention on CyberCrime (COECC), which focus on criminalisation of CyberCrimes and mechanisms to guide enforcement. From a South African perspective, CyberSecurity and CyberCrime is aptly demonstrated by the Electronic Communication and Transaction Act 25 of 2002. Since then, global awareness of CyberCrime as a national security threat has led South Africa to develop a comprehensive draft Bill on CyberSecurity and CyberCrime as a response to the SADC model law on Computer Crime and CyberCrime. Geopolitical consideration also has affected positioning decisions South Africa has assumed within the CyberSecurity architecture. The African Union (AU) Agenda 2063 profiles the importance of prioritising security of the submarine optic fibre network as the critical physical infrastructure underpinning the virtual cloud of CyberSpace. The critical question to address is whether the CyberCrime and CyberSecurity Bill {2017}, which has undergone several revisions since 2015, comprehensively deal with the realities that manifest within the five domains (i.e. land, maritime, air, Outerspace, CyberSpace). The question worth asking is how secure are citizens in the advent of the cloud and crowd computing? How does the myriad of legislation on CyberSecurity guarantee one’s security – physically, economically and socially? The study recognises a plethora of legislative frameworks that promote safer CyberSpace and lately, the Cybercrime and CyberSecurity Bill that aims to present a one-stop shop platform for identification, monitoring, reporting and criminalisation of violations of security within the CyberSpace. This qualitative study firstly, seeks to present the recommendations on improving the CyberSecurity posture of South Africa, which finds itself within a variety of legislative frameworks. Secondly, from a geopolitical and geostrategic perspective, a comparative analysis of South African legislative framework with those of Germany and Russia is conducted with the aim of deepening CyberSecurity protection and awareness amongst citizens. Germany has demonstrated international commitment to protect society against CyberCrime by signing (2001) and ratifying (2009) the Budapest Convention as well as domesticating it to ensure enforcement. Further commitment has been displayed by the signing and ratification of the Additional Protocols to the Convention on CyberCrime that focuses on criminalisation of racist and xenophobic-natured acts committed through computer systems.