South Africa is on course to become the latest country on the continent to tighten legislation around computer crime, with the publication of a draft Cybercrimes and Cybersecurity Bill.
The draft bill, published by the Department of Justice and Constitutional Development, seeks to introduce a range of new offences with explicit penalties for phishing attacks, distributing malware, and committing identity fraud, amongst other offences.
Penalties for offences under the bill range from fines to 25 years in prison for “computer related terrorist activity” and interception of confidential material.
In a bid to crack down on online fraud and other crimes elsewhere on the continent, Kenya introduced a similar bill in August 2014 and Nigeria passed its Cybercrimes Act into law last November.
In a discussion document published alongside the draft bill, the Justice Department says that the new offences are necessary additions to the statute books in order to update the Electronic Communications and Transactions Act of 2002, which currently governs most online crime.
The document gives several examples of where current laws are failing South African citizens. In one example it says that the bill seeks to redress the fact that legal definitions of theft require that a person be deprived of their property – something which doesn’t extend to copying a database. To counter this, a new crime of “computer related appropriation” is introduced.