South Africans will soon have to be much more careful and think twice about messages they send over WhatsApp and other social media platforms, as the Cybercrimes Bill (“Bill”), which was adopted into law recently and is in the process of being enacted, attempts to police malicious messaging.

Cybercrime is on the increase and the Bill essentially aims to stop these acts, keep people safe from criminals and terrorists, improve the security of the country and to bring South Africa in line with other countries’ cyber laws. The practical impact of the Bill on all organisations and individuals are significant and unfortunately mostly negative. It impacts all of us who process data or use a computer.

Contravening the provisions entailed in the Bill could lead to a fine or imprisonment for a period not exceeding three years, or to both a fine and imprisonment. The Bill fundamentally intends to curb the number of harmful messages, which by definition now covers a wide range of subject areas, that do the rounds on social media.

The Bill incriminates, amongst other, the following acts in particular:

•    Disrupting another’s personal details: by sharing another’s personal details online for malicious purposes, without their knowledge and/or consent;

•    Unlawful sharing of intimate images: by publishing and/or distributing another’s nude intimate images or multimedia files of an intimate nature will constitute a harmful disclosure of pornography, which the Bill seeks to regulate. The Bill describes an “intimage image” as both real and simulated messages which shows the person as nude or displays his/her genital organs or anal region. This includes instances where the person is identifiable through descriptions in a message or from other information displayed in the data message. These acts can cause extensive reputational damage to another, especially if the said person had no intention of making it public;

•    Sharing of information regarding investigations into cybercrimes: the Bill enables the Minister of Justice to make regulations on information sharing. This includes sharing information on cybersecurity incidents, detecting, preventing and investigating cybercrimes;

•    Inticing damage to property belonging to “a group of persons”: by sharing messages which encourages people to damage property belonging to a certain demographic group, could lead to an arrest simply for the incitement rather than the act. This act includes any implied threats of violence against “a group of persons”.

The Bill was first published on 28 August 2015, updated on 19 January 2017 and introduced in Parliament on 22 February 2017, where it currently still sits. There have been extensive comments on the Bill during the public participation period in 2017, which comments have been considered and incorporated and was the latest version of the Bill published on 23 October 2018. The new version of the Bill creates many new offences, some relating to data, messages, computers and networks.

The Bill has come a long way since its first publication and the overall effect of its provisions will be tested in time to come. Readers are however advised to take note of the Bill and its consequences before it is signed into law as ignorance of the law will not be an excuse.