Cybercrimes Act 19 of 2020

Also known as: South Africa Cybercrimes Act

South Africa's Cybercrimes Act criminalizes cybercrimes and requires electronic communications service providers and financial institutions to report cybercrimes to SAPS within 72 hours. It also establishes obligations for evidence preservation and cooperation with investigations.

Jurisdiction

South Africa

Regulator

Information Regulator of South Africa

Effective

12/1/2021

Sector

cross-sector

Full Text / Summary

The Cybercrimes Act creates offenses for: (1) unlawful access to computer systems; (2) interception of data; (3) interference with data or computer programs; (4) ransomware; (5) cyber fraud; (6) cyber forgery; (7) malicious communications. Key obligations for organizations include: reporting cybercrimes within 72 hours; preserving evidence; cooperating with SAPS. The Act works in conjunction with POPIA's security obligations.