A Comparative Critique of the Cybercrimes Act 19 of 2020: Positioning South Africa vis-à-vis Australia
DOI:
https://doi.org/10.17159/1727-3781/2025/v28i0a17035Keywords:
Cybercrimes, Budapest Convention, African Union’s Convention on Cyber Security and Personal Data Protection, East African experience, Clare O'Neil, Australian experience, valuable lessons to be learned, international frameAbstract
Proceeding from the twin premises that international cooperation is essential to fight cybercrimes effectively and the need to make South African legislation more robust, I consider the provisions of the Budapest Convention on Cybercrime as well as the African Union’s Convention on Cyber Security and Personal Data Protection for guidance. As I am particularly interested in examining international ideas that could enhance the cyber preparedness of the South African cyber ecosystem so as to assess the strengths and weaknesses of South Africa’s Cybercrimes Act in a comparative, international context, with particular reference to Australia. I argue that it is necessary to view the international scene with reference to both the Budapest Convention and the African Union’s Convention in order to situate the Australian experience in proper perspective. Cybersecurity and awareness are after all a team sport. Apart from the valuable insights gained from the Budapest Convention on Cybercrime and the African Union’s Convention on Cyber Security and Personal Data Protection (notably the East African experience), I found an examination of Australian policy and practice to be particularly invigorating. In particular, I found three lessons gathered from the Australian experience prudent to enhance the South African cyber environment and legislation. These are the formation of a pro-active new (federal) task force (comprising 100 of the top cyber experts in Australia) by the federal government, making payment of a ransom demand illegal and ensuring that the retention of sensitive personal data be curtailed as much as possible (to prevent its exposure after a hack). I conclude the piece by expressing the hope that this contribution might inspire cyber criminologists to explore other profitable angles within the international frame.
Downloads
References
Bibliography
Literature
Grobler L 2013 Crossing the Line: When Cops Become Criminals (Jacana Auckland Park 2013)
Hillman JE 2021 The Digital Silk Road: China's Quest to Wire the World and Win the Future (Profile Books London 2021)
Lötter C and Bradshaw G "Reconceptualising Afrophobia in Post-Apartheid South Africa: A Conflict Transformational Perspective" 2022 Acta Academica 24-50
Perlroth N This is How They Tell Me the World Ends: The Cyber Weapons Arms Race (Bloomsbury New York 2022)
Snail ka Mtuze S "The Convergence of Legislation on Cybercrime and Data Protection in South Africa: A Practical Approach to the Cybercrimes Act 19 of 2020 and the Protection of Personal Information Act 4 of 2013" 2022 Obiter 536-569
Van Niekerk B "An Analysis of Cyber-Incidents in South Africa" 2017 African Journal of Information and Communication 113-132
Watney M "Cybercrime and the Investigation of Cybercrime" in Papadopoulos S and Snail ka Mtuze S (eds) Cyberlaw @ SA: The Law of the Internet in South Africa 4th ed (Van Schaik Pretoria 2021) 470-490
Case law
Black Sash Trust v Minister of Social Development 2017 3 SA 335 (CC)
Fourie v Van der Spuy and De Jongh Inc 2020 1 SA 560 (GP)
Jafta v Ezemvelo KZN Wildlife (D204/07) [2008] ZALC 84 (1 July 2008)
Narlis v South African Bank of Athens 1976 2 SA 573 (A)
Okundu v S (CA&R117/16) [2016] ZAECGHC 131 (22 November 2016)
R v Douvenga (District Court of the Northern Transvaal, Pretoria) (unreported) case number 111/150/2003 of 19 August 2003
S v Harper 1981 2 SA 638 (D)
S v Manuel 1953 4 SA 523 (A)
S v Motata (Johannesburg District Court) (unreported) case number 63/968/07
S v Van den Berg 1991 1 SACR 104 (T)
State v Howard (Johannesburg Regional Magistrates Court) (unreported) case number 41/258/02
Van der Walt v S 2020 11 BCLR 1337 (CC)
Legislation
Constitution of the Republic of South Africa, 1996
Cybercrimes Act 19 of 2020
Electronic Communications and Transactions Act 25 of 2002
International instruments
African Union Convention on Cyber Security and Personal Data Protection (2014)
Council of Europe Convention on Cybercrime (ETS No 185) (2001)
Council of Europe Second Additional Protocol to the Convention on Cybercrime on Enhanced Co-operation and Disclosure of Electronic Evidence (2021)
Internet sources
Australian Government 2023a Alternative Commonwealth Capabilities for Crisis Response Discussion Paper https://www.homeaffairs.gov.au/reports-and-publications/submissions-and-discussion-papers/alternative-commonwealth-capabilities-for-crisis-response-discussion-paper accessed 10 October 2023
Australian Government 2023b 2023-2030 Australian Cyber Security Strategy - Discussion Paper https://www.homeaffairs.gov.au/reports-and-pubs/files/2023-2030_australian_cyber_security_strategy_discussion_paper.pdf accessed 10 October 2023
Baker P 2023 North Korea Shipped Arms to Russia for Use in Ukraine, US Says https://www.nytimes.com/2023/10/13/us/politics/north-korea-weapons-russia-ukraine.html accessed 15 October 2023
Cybersecurity and Infrastructure Security Agency, United States 2013 Executive Order (EO) 13636: Improving Critical Infrastructure Cybersecurity https://www.cisa.gov/resources-tools/resources/executive-order-eo-13636-improving accessed 14 October 2023
Council of Europe 2001 Details of Treaty No 185 https://www.coe.int/en/web/conventions/full-list?module=treaty-detail&treatynum=185 accessed 28 September 2023
Council of Europe 2014 Explanatory Report – ETS 185 – Cybercrime (Convention) https://rm.coe.int/16800cce5b accessed 3 October 2023
Council of Europe 2023a The Budapest Convention (ETS No. 185) and Its Protocols https://coe.int/en/web/cybercrime/the-budapest-convention accessed 28 September 2023
Council of Europe 2023b Why and How is the Council of Europe Working Against Cybercrime? https://www.coe.int/en/web/cybercrime/home accessed 28 November 2023
Dover RM 2023 Russian and North Korea Artillery Deal Paves the Way for Dangerous Cyberwar Alliance https://theconversation.com/russian-and-north-korea-artillery-deal-paves-the-way-for-dangerous-cyberwar-alliance-213583 accessed 28 September 2023
Federal Bureau of Investigation 2023 FBI Identifies Lazarus Group Cyber Actors as Responsible for Theft of $41 Million from Stake.com https://www.fbi.gov/news/press-releases/fbi-identifies-lazarus-group-cyber-actors-as-responsible-for-theft-of-41-million-from-stakecom accessed 28 September 2023
Global Initiative Against Transnational Organised Crime 2023 Global Organized Crime Index https://globalinitiative.net/analysis/ocindex-2023/ accessed 28 September 2023
Goba T 2023 SANDF Maintains It Was Not Hacked, Claims It May Be an Inside Operation Instead https://www.msn.com/en-za/news/other/sandf-maintains-it-was-not-hacked-claims-it-may-be-an-inside-operation-instead/ar-AA1gazoh accessed 4 September 2023
International Telecommunication Union 2018 Global Cybersecurity Index https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2018-PDF-E.pdf accessed 5 October 2023
Judd B and Walker L 2022 Russia Responds After AFP Commissioner Says Medibank Hackers Based in Russia https://www.abc.net.au/news/2022-11-11/afp-reveal-more-information-on-medibank-hacker/101643794 accessed 10 October 2023
Lapham J 2022 Cyber Security Minister Clare O'Neil Flags Multiple Reforms to Protect Personal Data After Medibank Data Leaks https://www.abc.net.au/news/2022-11-13/medibank-data-breach-cybersecurity-latest/101648178 accessed 10 October 2023
Lötter C 2023a Sleeping with the Enemy: The Rise of the Insider Threat in Cybercrime https://mg.co.za/thoughtleader/2023-06-08-sleeping-with-the-enemy-the-rise-of-the-insider-threat-in-cybercrime/ accessed 26 September 2023
Lötter C 2023b Cybercrime: The Silent Spectre of Insider Threats https://mg.co.za/thoughtleader/2023-09-04-cybercrime-the-silent-spectre-of-insider-threats/ accessed 26 September 2023
Muendo M 2019 What's Been Done to Fight Cybercrime in East Africa https://theconversation.com/whats-been-done-to-fight-cybercrime-in-east-africa-127240 accessed 29 September 2023
National Cyber Security Index 2023 National Cyber Security Index (NCSI) https://resources.cdn.seon.io/uploads/2023/04/Cybersecurity_countries-min.pdf accessed 27 September 2023
National Information and Technology Authority Uganda 2023 National Information and Technology Authority https://www.nita.go.ug/ accessed 5 October 2023
Olivier B 2013 Modernism, Postmodernism and Poststructuralism: The Difference http://thoughtleader.co.za/bertolivier/2013/05/24/modernismpostmodernism-and-poststructuralism-the-difference/ accessed 15 July 2024
Sabbagh D 2023 Russian Hackers Want to "Disrupt or Destroy" UK Infrastructure, Minister Warns https://www.theguardian.com/technology/
|2023/apr/19/russian-hackers-want-to-disrupt-or-destroy-uk-infrastructure-minister-warns accessed 28 September 2023
Sayer F 2021 Nigerian Museums Must Tell Stories of Slavery with More Complexity and Nuance https://theconversation.com/nigerian-museums-must-tell-stories-of-slavery-with-more-complexity-and-nuance-169785 accessed 16 May 2024
Serianu 2017 Africa Cyber Security Report: Demystifying Africa's Cyber Security Poverty Line https://www.serianu.com/downloads/AfricaCyber
SecurityReport2017.pdf accessed 5 October 2023
Singh H 2021 South African Enterprises Can't Ignore the Risk of Cyberattacks: The Threat is on the Rise https://theconversation.com/south-african-enterprises-cant-ignore-the-risk-of-cyber-attacks-the-threat-is-on-the-rise-166133 accessed 26 September 2023
Uganda Communications Commission 2023 Computer Emergency Response Team https://ug-cert.ug/ accessed 5 October 2023
Wambui M 2019 Kenyans Arrested in Rwanda Bank Hackers Ring Bust https://nation.africa/kenya/news/Rwanda-busts-bank-hackers-ring-targeting-Equity-Bank/1056-5332858-ehye3p/index.html accessed 5 October 2023
Published
Issue
Section
License
Copyright (c) 2025 Casper Lӧtter

This work is licensed under a Creative Commons Attribution 4.0 International License.