1 / 21

PRESENTATION TO SELECT COMMITTEE

PRESENTATION TO SELECT COMMITTEE. ELECTRONIC COMMUNICATIONS AND TRANSACTIONS BILL ANDILE NGCABA 12 JUNE 2002. ISSUES ADDRESSED IN THE BILL. National e-strategy Electronic Transactions Policy Facilitating Electronic Transactions E-government Cryptography Providers

mfelder
Télécharger la présentation

PRESENTATION TO SELECT COMMITTEE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PRESENTATION TO SELECT COMMITTEE ELECTRONIC COMMUNICATIONS AND TRANSACTIONS BILL ANDILE NGCABA 12 JUNE 2002

  2. ISSUES ADDRESSED IN THE BILL • National e-strategy • Electronic Transactions Policy • Facilitating Electronic Transactions • E-government • Cryptography Providers • Authentication Service Providers • Consumer Protection • Protection of Critical Databases • Domain Name Authority & Administration • Limitation of Liability of service Providers • Cyber Inspectors • Cyber Crime

  3. OBJECTIVES OF THE BILL • To enable and facilitate electronic transactions by creating legal certainty on the cyberspace • Bridging the digital divide by developing a National e-Strategy • To ensure legal recognition and functional equivalence between electronic and paper based transactions • To promote public confidence and trust in electronic transactions • To promote universal access to electronic communications and transactions • To promote the use of electronic transactions by SMME’s

  4. OBJECTIVES OF THE BILL cont. • To encourage e-government services • To protect consumers, privacy and critical data • To prevent abuse of information systems and prevent cyber crime • To establish proper management regime with regard to domain names in the Republic

  5. MAXIMISING BENEFITS AND ELECTRONIC POLICY • The objective is to maximize the benefits internet offers by promoting universal and affordable access • The development of the National e-Strategy plan by the Minister in consultation with members of Cabinet • The national e-Strategy plan must include detailed plans and programs to address 1. The development of e-transaction strategy 2. The promotion of universal access and e-readiness 3. SMME’s development 4. Empowerment of previously disadvantaged persons and communities 5. Human resources development

  6. FACILITATING ELECTRONIC TRANSACTIONS • It provides for the legal recognition of data messages and records • Legal recognition of electronic transactions and advanced electronic signatures • Formation of contracts online • Validity of sending notices and other expressions of intent through data messages

  7. E-GOVERNMENT • The Bill promotes adoption of e-communications and transactions by government by providing for the following: • Electronic filing of documents • Issuing of permits, licenses, approvals • Electronic payments • Departments are free to specify their own formats for electronic documents and determine the criteria • The public body shall not be compelled to accept or issue any document in the form of an electronic data message

  8. CRYPTOGRAPHY PROVIDERS • Rationale: To curb security threats posed to consumers who transact online • The Bill requires the suppliers of crypto materials to register their products and services with the Dept. • Provides for the establishment and maintenance of a cryptography provider register by the Dept • This will assist the investigative authorities in the event of any threat to National security by deciphering of encrypted messages

  9. WHAT IS CRYPTOGRAPHY? • It’s a process of converting data into an unreadable form using public key system (generated codes) to encrypt and decrypt data • How Public Key Cryptography works – key pair system • Symmetric encryption – uses the same key to encrypt and decrypt • Asymmetric uses one key to encrypt and a different but related key to decrypt • One key is kept private and another can be made public – anyone can use it to decrypt a confidential message from the person who owns the private key

  10. AUTHENTICATION SERVICE PROVIDERS • The Bill provides for the establishment of an Accreditation Authority within the Department • It also provides for voluntary accreditation of authentication products and services • The purpose is to promote confidence and trust in the electronic environment • The Bill further provides for the establishment and maintenance of a publicly accessible database in respect of accredited products and services, and revoked accreditations

  11. CONSUMER AND PRIVACY PROTECTION • This section deals with consumer protection issues pertaining to electronic transactions only • It afford consumers protection and privacy when transacting electronically thus ensuring their confidence. • Protection is based largely on the following principles: • Provision of as much information as is necessary to the consumer before the transaction is concluded • A right afforded to the consumer to cancel the agreement within 14 days if certain requirements have not been complied with

  12. CONSUMER AND PRIVACY PROTECTION • Provision of a cooling period entitling the consumer to cancel without reason and without penalty, any transaction or any related credit agreement for the supply of goods within 7 days of receipt of goods. • A right not to be bound by unsolicited goods and services • A right to complain to the Consumer Affairs Council

  13. PROTECTION OF PERSONAL INFORMATION • The principles contained in this chapter will only apply to data that is collected through electronic transactions. • In terms of section 52 the following principles will apply when data controllers collect information: • Collection may only take place with the express and written permission of the data holder • Data controllers are prohibited to collect personal info which is not required for the purpose for which the info is collected • South African Law Commission is currently developing specific data protection legislation

  14. PROTECTION OF CRITICAL DATA • Critical data is information which, if compromised, may pose a risk to the national security of the Republic or to the economic or social well being of the citizens • Provision is made for the Minister to declare certain classes of info as being critical data and establish procedures to be followed in the identification and registration of such data

  15. PROTECTION OF CRITICAL DATA • Standards/regulations for management, protection, storage, control of critical databases will be prescribed • A register will be maintained by the Dept containing name and address of data custodian, location of info and types of info stored in the critical database

  16. DOMAIN NAME AUTHORITY AND ADMINISTRATION • The Bill establishes .za Domain Name Authority (.zaDNA), a section 21 company, and stipulates the objects, powers and functions of the Authority • The Minister will assume responsibility for the .zaDNS public policy as it is a national asset • The Authority will be controlled and managed by a fully representative board of between 8 and 16 directors

  17. LIMITATION OF LIABILITY OF SERVICE PROVIDERS • The Bill creates a safe harbour for service providers who are currently exposed to a wide variety of potential liability by virtue of only fulfilling their basic technical functions • Service providers may seek to limit their liability where they have acted as mere conduits for the transmission of data messages provided they meet certain conditions • The Bill provides for specific requirements that the service provider’s actions must meet before the clause may be invoked to limit his or her liability

  18. CYBER INSPECTORS • The Bill provides for the appointment of Cyber Inspectors • Their powers include: • Monitoring Internet websites in the public domain • Investigating whether cryptography service providers and authentication service providers comply with the Law • They also have powers of search and seizure subject to a warrant • They can also assist the police or investigative bodies on request

  19. CYBER CRIME • The Bill introduces criminal offences relating to information systems into the SA law • These crimes relate to: • Unlawful access to or interception of data • Unlawful interference with data that cause the modification, destruction, erasure or corruption of data • Computer-related extortion, fraud and forgery

  20. CONCLUSION • The Bill will result in changes to certain Laws by other Departments • It also does not oblige other Government Departments to accept or issue documents in electronic form • The Bill will effect an increase in revenue collected by the Department in the form of fees payable for

  21. THANK YOU

More Related