Barry Streek
The terror attacks in the United States have strengthened the case for controversial provisions in draft e-commerce legislation approved by the South African Cabinet this week.
The Electronic Communications and Transactions Bill contains “Big Brother” provisions empowering the authorities to open cybermail messages and place controls over the use of encrypted services.
The law also provides for the appointment of “cyber inspectors” entitled to “monitor and inspect any website or activity on an information system in the public domain”.
Inspectors may, on the authority of a warrant, enter any premises or access any information system. They may search any premises, system or person “if there are reasonable grounds for believing the person has possession of an article, document or record that has a bearing on the investigation”.
In the aftermath of the New York and Washington terror attacks, a front-page article in the London Financial Times highlighted the problem of terrorists and criminals communicating via the Internet, particularly through coded or encrypted messages.
The text of the Electronic Communications and Transactions Bill has not yet been released to the public, but a copy obtained by the Mail & Guardian proposes wide powers for the interception of e-mail messages.
“It’s just like the old days when the special branch used to steam open envelopes and read your letters,” says Inkatha Freedom Party MP Suzanne Vos. The Bill appears to raise “complex issues of the rights of the individual to privacy on the Internet, versus the obligation of the state to secure the protection of the citizens”.
The government will by implication have access to private encryption such as bank transactions and private commercial transactions. The proposals in regard to encryption will have to be closely scrutinised.
Democratic Alliance MP Dene Smuts says the principle of state interception of phone calls and mail has long being accepted. The real question is how this is monitored and what safeguards are put in place.
Smuts says she will look closely at the proposals for the registering of encrypted services, as she believes this should be under the control of a third party rather than the government.
The broad thrust of the 93-clause Bill is likely to be widely welcomed. It sets out the proposals for the regulation for “the enablement and facilitation of electronic transactions in the public interest”, including the recognition of the importance of the information economy to South Africa’s future and the need to promote universal access.
The Bill makes provision for the conduct of e-commerce transactions, the conclusion of contracts by e-mail, service providers and the registration of cryptographic providers. It provides that no one will be able to provide cryptographic services or products in South Africa unless they are recorded in a register maintained by the Department of Communications.
However, service providers will not be required to apply for permission from the department to sell or provide authentication products or services, but must apply to the “authority” in effect, the department for their accreditation. Also provided for is the protection of consumers in e-mail transactions and deals, and the protection of the .za domain.