28
No. 37261
GOVERNMENT GAZETTE, 24 JANUARY 2014
3.4 E-services (including e-commerce)
3.4.1 Legislative and policy environment
The 1999 Green Paper on e-Commerce and the Electronic and Communications and
Transactions Act (ECTA) of 2002 highlighted the major areas of legislative and policy
interventions in respect of e-commerce, cybercrime and cybersecurity. The ECTA further
provided for the development of a three-year national e-strategy covering issues such as egovernment services, roles and responsibilities, coordination, monitoring and implementation
of the national e-strategy, research and development, as well as international coordination.
The ECTA provides for the building of trust and confidence in network infrastructure to
ensure a secure information society. The law enables the authorities to tackle all basic types
of cybercrime offences as well as operations and prosecution. The ECTA defines a number
of conducts that constitute cybercrime, and establishes several procedures to enhance
enforcement of the Act by law enforcement authorities.
E-signature and e-transaction is covered in the ECTA of 2002. This legislation is a solid
foundation that governs e-signatures and introduces basic principles, such as 'functional
equivalence' of electronic and paper-based signatures. Provisions are based on United
Nations Commission on International Trade Law (UNCITRAL) Model Law. The DoC is the
accreditation body for e-signature service providers. Two service providers have been
licensed: LAWtrust and SAPO.
Online consumer and data protection in South Africa is currently based on the Electronic
Communications and Transactions Act (ECTA), the National Credit Act (NCA), the
Consumer Protection Act (CPA), and, in the future, the Protection of Personal information
(POPI), which was recently signed into law. Provisions in this Act deal with data
protection and govern conditions relating to the processing of personal information, based on
OECD Guidelines.
Act,
In South Africa, as in other countries, copyright is dealt with through both national and
international laws and agreements. Both approaches complement each other in order to
ensure adequate recognition and protection of the rights of the copyright holders. The main
international treaties to which South Africa is a signatory include the Berne Convention
(1978), the Trade Related Aspects of Intellectual Property Rights (TRIPS) of the General
Agreement of Trade in Services (GATS) (1995), the World Intellectual Property Origination
Treaty (WIPO Treaty), and a number of other treaties administered by the WIPO such as the
WIPO Performance and Phonograms Treaty. The current South African national legislation
is covered in the Copyright Act of 1978 and amendments.
The Department of State Security is finalising the National Cybersecurity Policy in which the
issues of the protection of critical databases and critical infrastructure will be addressed.
Currently the implementation of critical infrastructure protection is fragmented. Computer
Emergency Response Teams (CERTs) and Computer Security Incident Response Team
(CSIRT), and Cyber Security Emergency Response Teams (CSERTs) need to
be
established on a national level. They coordinate activities against cybersecurity threats, and
ensure international cooperation. Public CERTs should be complemented with sector
CERTS and private sector CERTS (for instance in the banking sector).
Chapter Ten of the ECTA deals with the Domain Name Authority. It provides for the
establishment of .zaDNA as a Section 21 company and its overall mandate is to manage
and administer the .za namespace. Although the ECTA provides for the appointment of
Cyber-inspectors to monitor online content with regard to compliance with national
legislation, there are currently no cyber-inspectors appointed by the DOC to check whether
cryptography service providers are compliant with the law, or that authentication service
24
This gazette is also available free online at www.gpwonline.co.za