As the human species evolves, we are forced to create more laws to manage the ever-shifting changes in the way we live. A few hundred years ago you’d be stoned for committing a serious crime, hung for murder, or burned for heresy.
Thankfully, things are a little different now.
Today we’re seeing a flood of checks and balances which serve to protect the largely unseen side of our world. Indeed, our online activities certainly need to be carefully safeguarded which has given rise to one of the most recent interventions – the Cybercrimes Bill.
What is this bill all about, and will it impact our businesses? Let’s find out.
What is the Cybercrimes Bill?
The Cybercrimes Bill, also known as the Cybercrimes Act, was adopted into law in November 2018. The basic premise relates to keeping the general public safe from cybercriminals and ensuring data security and compliance to this end.
The Bill states its purpose, in part “To create offences and impose penalties which have a bearing on cybercrime…to impose obligations on electronic communications service providers and financial institutions to assist in the investigation of cybercrimes and to report cybercrimes; to provide for the establishment of structures to promote cybersecurity and capacity building; to regulate the identification and declaration of critical information infrastructures and measures to protect critical information infrastructures”
The full document can be found here.
This Bill clearly shifts the responsibility of compliance to each and every one of us under threat of hefty fines or imprisonment.
The Cybercrimes Bill and Our Business
So, what do we need to know and how can we ensure that we remain on the right side of the law?
Conventional law has been turned on its head with no room for ignorance. Now, business owners must prove their innocence if they are accused of operating contrary to the Bill.
- If you unlawfully process personal data or do so without proper authorization, then you face a fine or imprisonment. This includes the retention of personal records for the prescribed period of time according to the law.
- If you access personal information contrary to the POPI Act or even hold information that was attained illegally by another party, you face fines or imprisonment. Any data that you hold needs to have a “paper trail” and you need to prove how it came to be in your possession. If you can’t prove where you obtained the data from, then you will be penalised.
- If you are in possession of certain hardware or software that could potentially be used to commit a crime, then you can be prosecuted.
- If you are aware of cybercrime and you do not report it, then you can also be imprisoned or fined.
ICT companies, ISPs, and vendors
Besides the above requirements, ICT businesses need to be extra vigilant.
For example, if you manufacture a product that can potentially be used to commit a crime, then you may have to have a conversation with a lawyer to ascertain if you can legally continue this line of business.
Likewise, if your customers rely on your compliance to operate their business then you will certainly need to ensure that you’ve got all your ducks in some serious rows.
Did you know that the Cybercrimes Bill extends right into our own personal devices?
For example, you can face prosecution if you:
- Send a message or post a comment that could incite others to violence or damage
- If you have any tools or apps that can bypass passwords
- Share passwords or access codes to sensitive information
It’s clear that the onus is on individuals and business owners to create the safest environment for any and all personal data. We need to adhere as closely as possible to the laws around each element of the Bill and do our part to keep the real cybercriminals at bay.
Will the Cybercrimes Bill affect your business?
If you’re operating in the online space, then you certainly need to be alert and take the time to read up on what is required of you.
And if you rely on your connectivity partner to uphold their responsibilities in this area, then you’ll want to join the Huge Connect family. We are proudly POPI compliant and take our responsibility to protect your data seriously.
If you have areas of concern regarding the security of your data network and the handling of your information, we encourage you to get in touch with our knowledgeable team. We’re happy to assist.