|
Part 3
Chapter VIII: Personal Information and Privacy Protection
This Chapter establishes a voluntary regime for protection of
personal information. Personal information includes any information
capable of identifying an individual. Collectors of personal
information (data collectors) may subscribe to a set of universally
accepted data protection principles. It is envisaged that consumers
will prefer to deal with only those data collectors that have
subscribed to the recorded data protection principles. The sanction
for breach of these provisions is left to the parties themselves to
agree on. Subscription to these principles is voluntary due to the
fact that the South African Law Commission is currently developing
specific data protection or privacy legislation which is expected to
be enacted within 24 months.
Chapter IX: Protection of Critical Data
In terms of its definition, critical data is information which,
if compromised, may pose a risk to the national security of the
Republic or to the economic or social well being of its citizens.
The Minister may prescribe matters relating to the registration of
critical databases and require certain procedures and technological
methods to be used in their storage and archiving.
Chapter X: Domain Name Authority and Administration
A section 21 company will be established, or an existing one
approved, to manage the domain name space of the Republic. Its
membership and governance structures must be representative of the
general South African society, Government and other stakeholders.
The objects, powers and functions of the Authority are provided for
in the Bill. Provision is also made for disputes involving domain
names to be settled by means of alternative dispute resolution
methods. The Minister is empowered to formulate national policy on
the .za domain name space.
Chapter XI: Limitation of Liability of Service Providers
Chapter XI deals with the limitation of the liability of service
providers or so-called "intermediaries" and creates a safe
harbour for service providers who are currently exposed to a wide
variety of potential liability by virtue of merely fulfilling their
basic technical functions. The service providers may seek to limit
their liability where they have acted as mere conduits for the
transmission of data messages. In each situation the Bill seeks to
provide for specific requirements that the actions of the service
providers must meet before the clause may be invoked to limit his or
her liability.
Chapter XII: Cyber Inspectors
Chapter XII of the Bill seeks to provide for the Department of
Communications to appoint cyber inspectors. The cyber inspectors may
monitor Internet websites in the public domain and investigate
whether cryptography service providers and authentication service
providers comply with the relevant provisions. The inspectors are
granted powers of search and seizure, subject to obtaining a
warrant. Inspectors can also assist the police or other
investigative bodies, on request.
Chapter XIII: Cyber Crime
Chapter XIII of the Bill seeks to make the first statutory
provisions on cyber crime in South African jurisprudence. The Bill
seeks to introduce statutory criminal offences relating to
information systems and includes—
- (a) unauthorised access to data;
- (b) interception of or interference with data;
- (c) computer-related extortion;
- (d) fraud; and
- (e) forgery.
Any person aiding or abetting another in the performance of any
of these crimes will be guilty as an accessory. The Bill seeks to
prescribe the penalties for those convicted of offences.
|
