WWW.BOOK.XLIBX.INFO
FREE ELECTRONIC LIBRARY - Books, abstracts, thesis
 
<< HOME
CONTACTS

Pages:   || 2 | 3 | 4 | 5 |   ...   | 13 |

«1. PURPOSE OF BILL The Cybercrimes and Cybersecurity Bill, 2015 (the ―Bill‖) creates offences and prescribes penalties; * further regulates ...»

-- [ Page 1 ] --

DISCUSSION OF THE CYBERCRIMES AND CYBERSECURITY BILL

1. PURPOSE OF BILL

The Cybercrimes and Cybersecurity Bill, 2015 (the ―Bill‖) creates offences and prescribes penalties;

* further regulates jurisdiction;

* further regulates the powers to investigate, search and gain access to or seize

items;

* further regulates aspects of international cooperation in respect of the

investigation of cybercrime;

* provides for the establishment of a 24/7 point of contact;

* provides for the establishment of various structures to deal with cyber security;

* regulates the identification and declaration of National Critical Information Infrastructures and provides for measures to protect National Critical Information Infrastructures;

* further regulates aspects relating to evidence;

* imposes obligations on electronic communications service providers regarding aspects which may impact on cybersecurity;

* provides that the President may enter into agreements with foreign States to promote cybersecurity;

* repeals and amends certain laws; and * provides for matters connected therewith.

2. BACKGROUND In 2011 more than one third of the world‘s total population had access to the 2.1 Internet. It is estimated that mobile broadband subscriptions will approach 70 per cent of the world‘s total population by 2017. The number of networked devices is estimated to outnumber people by six to one, transforming current conceptions of the internet. In the future hyper-connected society, it is hard to imagine a cybercrime or perhaps any crime, that does not involve electronic evidence linked with internet protocol connectivity. Both individuals and organised criminal groups exploit new criminal opportunities, driven by profit and personal gain. Most cybercrime acts are estimated to originate in some form of organised activity, with cybercrime black markets established on a cycle of malware creation, computer infection, botnet management, harvesting of personal and financial data, data sale and selling of financial information. Cybercrime perpetrators no longer require complex skills or techniques. Globally, cybercrime shows a broad distribution across financially-driven acts and computer-content related acts, as well as acts against the confidentiality, integrity and accessibility of computer systems. Globally policerecorded crime statistics do not represent a sound basis for determining the precise impact of cybercrime. According to authors cybercrime is significantly higher than conventional crimes. The use of the Internet to facilitate and commit acts of terrorism is a real occurrence. Such attacks are typically intended to disrupt the proper functioning of targets, such as computer systems, servers or underlying infrastructure, especially if they are part of critical information infrastructures of a country, among others, by means of unlawful access, computer viruses or malware. Some countries are taking steps to implement cyber-warfare and defence strategies.

As part of Government‘s Outcome Based Priorities, the JCPS Cluster signed the 2.2 JCPS Delivery Agreement relating to Outcome 3 on 24 October 2010. This agreement focuses on certain areas and activities, clustered around specific outputs, where interventions will make a substantial and positive impact on the safety of the people of South Africa.

2.4 Currently there are various laws on the Statute Book dealing with cyber security, some with overlapping mandates administered by different Government Departments and whose implementation is not coordinated. The legal framework regulating cyber security in the Republic of South Africa is a hybrid mix of legislation and the common law. Some notable statutes in this regard include, among others, the Electronic Communications and Transactions Act, 2002 (Act No. 25 of 2002), the Protection of State Information Bill, 2010, the South African Police Service Act, 1995 (Act No. 68 of 1995), the Correctional Services Act, 1998 (Act No. 111 of 1998), the National Prosecuting Authority Act, 1998 (Act 32 of 1998), the Regulation of Interception of Communications and Provision of Communication-related Information Act, 2002 (Act No. 70 of 2002), the Prevention and Combatting of Corrupt Activities Act, 2004 (Act No.

12 of 2004), the Films and Publications Act, 1996 (Act No. 65 of 1996), the Criminal Law (Sexual Offences and Related Matters) Amendment Act, 2007 (Act No. 32 of 2007), the Copyright Act, 1978 (Act No. 98 of 1978), the Civil Proceedings Evidence Act, 1965 (Act No. 25 of 1956), the Criminal Procedure Act, 1977 (Act No. 51 of 1977), the Protection of Personal Information Act, 2013 (Act No. 4 of 2013), the Protection from Harassment Act, 2011 (Act No. 17 of 2011), the Financial Intelligence Centre Act, 2001 (Act No. 38 of 2001), and the State Information Technology Agency Act, 1998 (Act No.

88 of 1998), to name a few.

2.5 The Department of Justice and Constitutional Development was mandated to review the cyber security laws of the Republic to ensure that these laws provide for a coherent and integrated cyber security legal framework for the Republic.

2.6 The Bill is part of a review process of the laws on the Statute Book which deal with cyber security and matters related to cyber security. Further legislation may in due course be promoted to address other relevant aspects, inter alia, cryptography, eidentity management and also a possible review of electronic evidence.





–  –  –

3.1 Definitions Clauses 1, 2 and 26, 50 contain various definitions which will be explained in context with the provisions to which they relate.

3.2. Offences 3.2.1 Personal and financial information or data related offences The automation of data processing and the development of non-face-to-face transactions have generated increased opportunities to commit various offences with the personal and financial information or data of a person. This information or data can be the subject of several constitutive acts, namely – * the act of obtaining identity-related or financial information or data;

* the act of possessing or transferring the identity-related or financial information or data; and * the act of using the identity-related or financial information or data for criminal purposes.

Personal or financial information or data can be obtained, for example, via illegal access to computer devices and data bases, the use of phishing or interception tools, or through illicit acquisition, such as dumpster diving, social engineering, theft and online buying of information or data of another person. For example, ―phishing‖ has recently become a key crime committed in cyberspace and describes attempts to fraudulently acquire sensitive information (such as passwords or other personal or financial information or data) by masquerading as a trustworthy person or business (e.g. financial institution) in a seemingly official electronic communication. Examples of personal

information or data which is targeted in cyberspace are the following:

* Address particulars, phone numbers, dates of birth and identity numbers: This information can in general be used to commit identity theft if it is combined with other information or data. Having access to information such as a date of birth and address of a person can help the perpetrator to circumvent verification processes. One of the greatest dangers related in this regard is the fact that it is currently available on a large scale on various databases.

* Passwords for non-financial accounts: Having access to passwords for accounts allows perpetrators to change the settings of the account and use it for their own purposes. They can, for example, take over an e-mail account and use it to send out e-mails with illegal content or take over the account of a user of an auction platform and use the account to sell stolen goods.

Financial information or data is a popular target in cyberspace. Financial information or data which is targeted in cyberspace are information regarding saving accounts, credit cards, debit cards and financial planning information.

Personal or financial information or data are mostly used to commit financial cybercrimes.

The following offences aim to address personal or financial information or data related

offences:

(a) Clause 3(1) criminalises the intentional and unlawful acquiring by any means, the possession of or provision to another person, of the personal information of a person for purposes of committing an offence provided for in the Bill.

(b) Clause 3(2) criminalises the intentional and unlawful acquiring by any means, the possession of or provision to another person, of the financial information of a person for purposes of committing an offence provided for in the Bill.

(c) Clause 3(3) criminalises the intentional and unlawful use of the personal or financial information of another person to commit an offence under the Bill.

(b) In terms of clause 3(4), a person is guilty of an offence, if he or she is found in possession of personal or financial information of another person in regard to which there is a reasonable suspicion that such personal or financial information– * was acquired, is possessed, or is to be provided to another person for purposes of committing an offence under the Bill; or * was used or may be used to commit an offence under this Bill, and if he or she is unable to give a satisfactory exculpatory account of such possession.

For purposes of this clause, clause 3(7) defines – "personal information" means any ‗personal information‘ as defined in section 1 * of the Protection of Personal Information Act, 2013 (Act No. 4 of 2013); and ―financial information‖ means any information or data which can be used to * facilitate a financial transaction.

3.2.2 Unlawful access Since the development of computer networks, their ability to connect have been used by hackers for criminal purposes. Hackers need not be present at the crime scene, they just need to circumvent the protection securing the database, network or computer device. Illegal access threatens interests such as the integrity of data, a computer device, a computer network, a database or an electronic communications network. The legal interest is infringed, not only when a person unlawfully interferes or commits other unlawful acts in respect of data, a computer device, a computer network, a database or an electronic communications network, but also when a perpetrator, for example, merely accesses a computer network. Illegal access does not require that the offender accesses system files or other stored data. The criminalisation of illegal access represents an important deterrent to many other subsequent acts against the confidentiality, integrity and availability of data, a computer device, a computer network, a database or an electronic communications network, and other computer-related offences. It is vital to distinguish between illegal access and subsequent offences, since the other offences have a different focus of protection. In most cases, illegal access is not the end goal, but rather a first step towards further crimes, such as interfering with or intercepting data.

To address this, clause 4(1) criminalises the unlawful accessing of the whole or any part of data, a computer device, a computer network, a database, a critical database, an electronic communications network or a National Critical Information Infrastructure.

Clause 4(3) defines "access" as to include, without limitation, the following: To make use of, to gain entry to, to view, display, instruct, or communicate with, to store data in or retrieve data from, to copy, move, add, change, or remove data or otherwise to make use of, configure or reconfigure any resources of a computer device, a computer network, a database, a critical database, an electronic communications network or a National Critical Information Infrastructure, whether in whole or in part, including their logical, arithmetical, memory, transmission, data storage, processor, or memory functions, whether by physical, virtual, direct, or indirect means or by electronic, magnetic, audio, optical, or any other means. Clause 4(4) provides that for purposes of this section, the actions of a person, to the extent that they exceed his or her lawful authority to access data, a computer device, a computer network, a database, a critical database, an electronic communications network or a National Critical Information Infrastructure, must be regarded as unlawful.

3.2.3 Unlawful interception of data The use of Information Communications Technologies is accompanied by several risks related to the security of information transfer. Unlike classic mail-order operations, datatransfer processes over the Internet involve numerous providers and different points where the data transfer process could be intercepted. Wireless networks, for example, allow persons to connect to the Internet from anywhere inside a given radius, without the need for cable connections. However, this also allows perpetrators the same amount of access if adequate security measures are not implemented which will allow access to, inter alia, passwords, bank account information and other sensitive information. The criminalisation of the unlawful interception of data aims to protect the integrity, privacy and confidentiality of data within a computer device, a computer network, a database or an electronic communications network as well as data which is being sent to, over or from the aforementioned. The unlawful interception of data builds on the offence of illegal access, where further actions are taken by the perpetrator in order to acquire data unlawfully.

Clause 5(1) provides that any person who intentionally and unlawfully intercepts data to, from or within a computer device, a computer network, a database, a critical database, an electronic communications network, or a National Critical Information Infrastructure, or any part thereof, is guilty of an offence.



Pages:   || 2 | 3 | 4 | 5 |   ...   | 13 |


Similar works:

«Form Approved REPORT DOCUMENTATION PAGE OMB No. 0704-0188 The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing the burden, to...»

«Found Legal Gender Ideas Interactions Institutions eBook for free and you can read online or download Gender Ideas Interactions Institutions PDF file from our library GENDER IDEAS INTERACTIONS INSTITUTIONS PDF Download: GENDER IDEAS INTERACTIONS INSTITUTIONS PDF GENDER IDEAS INTERACTIONS INSTITUTIONS PDF Find eBook gender ideas interactions institutions PDF? You will be glad to know that right now gender ideas interactions institutions PDF is available on our online library. With our online...»

«EIOPA-BoS-14/193 27 October 2014 EIOPA’s Fact Finding Report on Decumulation Phase Practices EIOPA – Westhafen Tower, Westhafenplatz 1 60327 Frankfurt – Germany Tel. + 49 69-951119-20; Fax. + 49 69-951119-19; email: info@eiopa.europa.eu site: www.eiopa.europa.eu Table of contents 1. Introduction 1.1. List of countries and applicable EU laws 1.2. Background 1.3. Scope 1.4. Responding countries 2. Start of the decumulation phase (circumstances of retirement). 8 2.1. General remarks 2.2....»

«Alcohol Consumption and Violence Against Women Dara Lee Luca Harvard Kennedy School University of Missouri Emily Owens University of Pennsylvania Gunjan Sharma World Bank November 2014* Abstract We provide quasi-experimental evidence on the role of alcohol consumption on violence against women using detailed individual level and aggregate data from India, where state level laws generate substantial variation in the availability of alcohol. We find that men are more likely to drink when they are...»

«IMPORTANT NOTICE IMPORTANT: You must read the following before continuing. The following applies to the prospectus following this page (the prospectus), and you are therefore advised to read this carefully before reading, accessing or making any other use of the prospectus. In accessing the prospectus, you agree to be bound by the following terms and conditions, including any modifications to them any time you receive any information from us as a result of such access. NOTHING IN THIS...»

«Remarks on Turing and Spencer-Brown (Joseph Weissman) Introduction Computation is holographic. Information processing is a formal operation made Abstract only by a reduction in the number of free variables, a projective recording which analyzes from all angles the entropy or information contained in the space. Thus, basing my results partly on Hooft’s holographic conjecture for physics (regarding the equivalence of string theory and quantum theory,) and by extending Spencer-Brown’s work on...»

«U.S. Department of Justice Bureau of Office of Community Justice Statistics Oriented Policing Services Conducting Community Surveys A Practical Guide for Law Enforcement Agencies U.S. Department of Justice Office of Justice Programs 810 Seventh Street, N.W. Washington, D.C. 20531 Janet Reno Attorney General Raymond C. Fisher Associate Attorney General Laurie Robinson Assistant Attorney General No1l Brennan Deputy Assistant Attorney General Office of Justice Programs World Wide Web Homepage:...»

«Submission to the STANFORD LAW REVIEW, November 2004 This essay is subject to revision. The final version of Professor Sander's article has not yet been published. The Real Impact of Eliminating Affirmative Action in American Law Schools: An Empirical Critique of Richard Sander’s Stanford Law Review Study David L. Chambers, University of Michigan Law School Timothy T. Clydesdale, The College of New Jersey William C. Kidder, Equal Justice Society Richard O. Lempert, University of Michigan Law...»

«Organization & Environment Volume XX Number X Month XXXX xx-xx © 2009 SAge Publications Slaughterhouses and Increased 10.1177/1086026609338164 http://oae.sagepub.com Crime Rates hosted at http://online.sagepub.com An Empirical Analysis of the Spillover From “The Jungle” Into the Surrounding Community Amy J. Fitzgerald University of Windsor Linda Kalof Thomas Dietz Michigan State University More than 100 years after Upton Sinclair denounced the massive slaughterhouse complex in Chicago as a...»

«ADOBE® CONNECT™ MOBILE NOTICES © 2012 Adobe Systems Incorporated and its licensors. All Rights Reserved. Adobe, the Adobe logo, and Adobe® Connect™ Mobile are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. Third Party notices, terms and conditions pertaining to third party software are available at the Adobe Systems Inc. web site, and are incorporated by reference herein. PARTICIPANT TERMS OF USE THESE ADOBE®...»

«GIGA Research Programme: Violence, Power and Security _The Culture of Fear and Control in Costa Rica (I): Crime Statistics and Law Enforcement Sebastian Huhn No 104 July 2009 www.giga-hamburg.de/workingpapers GIGA WP 104/2009 GIGA Working Papers Edited by the GIGA German Institute of Global and Area Studies Leibniz-Institut für Globale und Regionale Studien The GIGA Working Papers series serves to disseminate the research results of work in progress prior to publication in order to encourage...»

«International Relations Resource Guide Research & Think Library Databases Miscellaneous Tanks U.S. Government Gateways and Treaties & Agreements Websites Metasites International Organization Law and Diplomacy Print Sources Websites This guide provides selected information resources on countries. Included are the Mildred F. Sawyer Library databases, as well as websites of the U. S. government, international organizations, and think tanks. Also, a brief list of print resources is provided. For...»





 
<<  HOME   |    CONTACTS
2016 www.book.xlibx.info - Free e-library - Books, abstracts, thesis

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.