Cyber Persepctives African South – Crime

Sizwe Lindelo Snail

Principal Attorney, Snail Attorneys @ Law

E-mail : Ssnail@snailattorneys.com

NAIROBI, 2012 AUG 16-17 KENYA

Monitoring of employee‟s at the workplace:

Piller Orders

SubstantiveProcedural law

law

Criminal Practice Issues:

Cyber Crime

Cybercrimes in South Africa (Common law position)

Computer crime or commonly referred to as Cyber Crime or ICT Crime (D

van der Merwe (2008 ) 61) is a new type of criminal activity which started

showing it’s ugly head in the early 90’s as the Internet became a common

place for online users worldwide.

Cyber crime or also known as computer crime can be defined as any

criminal activity that involves a computer and can be divided into two

categories .One the one the it deals with crimes that can only be

committed which where previously not possible before the advent of the

computer such as hacking, cracking, sniffing and the production and

decimation of malicious code (Ibid).

The other category of computer crimes are much wider and have

been existence for centuries but are now committed in the cyber

environment such as internet fraud, possession and distribution

of child pornography to name a few.

In modern times there is more focus from protecting the “container” of

valuables (the computer is merely the modern equivalent of a bank

vault), only instead of money or gold it contains data ) to protecting the

real valuables in most ICT crimes, namely the data contained in the

computer , the cell phone’s GPS device and so on. (D van der Merwe

(2008) 63. The question then usually arises as to what types of criminal

offences may be committed online and what laws one must apply to

charge an offender to successfully get a prosecution.

Common law position: Prior to the ECT Act

2.1 Introduction

Prior to ECT, the common and statutory law at that time could be extended as

widely as possible

One can easily apply the common law crimes of defamation, indecency (Online

child pornography, decimation of child porn), crimen iniuria (also known as

Cyber-smearing) fraud (Cyber fraud) (see the case of S v Van den Berg 1991 (1)

SACR 104 (T)), defeating the ends of justice, contempt of court (in the form of

publishing any court proceedings without the courts permission online or by

other electronic means), theft (see the cases of S v Harper 1981 (2) SA 638 (D)

and S v Manuel 1953 (4) SA 523 (A) 526 where the court came to the conclusion

that money which had been dematerialized could be stolen in it immaterial form)

and forgery to the online forms of these offences.

The applicability of the common law however has its own limitations and narrows significantly when dealing with online crimes involving

assault, theft, extortion, spamming, phishing, treason, murder, breaking and entering into premises with the intent to steal and

malicious damage to property.

When looking at the crimes of breaking and entering with intent to

steal as well as the crimes of malicious damage to property two

commonly known categories of Computer crimes come to mind. On

the one hand, hacking and cracking and on the other hand the

production and distribution of malicious code known as

viruses, worms and Trojan Horses.

In S v Howard (unreported Case no. 41/ 258 / 02, Johannesburg regional magistrates court) as discussed by Van der Merwe, the court had no doubt whether the crime of malicious damage to property could apply to causing an entire information system to breakdown.

The Court also mentioned further that the crime no longer needed to be committed to “physical property” but could also apply to data messages of data information.

(D van der Merwe (2008) 70)

2.2 Interception and Monitoring Prohibition Act

The Interception and Monitoring Prohibition Act specifically governs the

monitoring of transmissions including e-mail.

Section 2 states that: no person shall –

“intentionally intercept or attempt to intercept or authorize, or procure any other

person to intercept or to attempt to intercept, at any place in the Republic, any

communication in the course of its occurrence or transmission “

This means in simple terms that conduct that:

(a) Intentionally and without the knowledge or permission of the dispatcher to

intercept a communication which has been or is being or is intended to be

transmitted by telephone or in any other manner over a telecommunications line;

or

(b) Intentionally monitor any conversations or communications by means of a

monitoring device so as to gather confidential information concerning any person,

body or organization,

2.3 Dangerous code

Dangerous code refers to any computer programme that causes

destruction or harm and has been programmed in such a way with

malicious intent.

Ebersoehn & Henning (JJ Henning & G J Ebersoehn (2000) 111)

define a virus as:

“A piece of programming code usually disguised as something else

that causes some unexpected and , for the victim usually undesirable

event and which is often designed so that it is automatically spread to

other computer users.”

They go on further and classify them as File infector viruses, system or

boot record viruses and macro viruses. It must be noted that viruses

can either be decimated or “contracted” by exchange of various media

or by receipt in an e-mail.

Ebersoehn & Henning define a worm as:

“a type of a virus …. that situates itself in a computer

system in a place were it can do harm” (JJ Henning & G J

Ebersoehn (2000) 112)

The difference between a virus and a worm is the former

has to be activated by the user and that worm on the other

hand gains access to the computer and search for other

internet locations infecting them in the process.

Ebersoehn & Henning define a Trojan as:

“A destructive computer programme disguised as a game, a utility or

application. A Trojan horse does something devious to the computer system

while appearing to do something useful”

It is submitted that with the court’s inherent power to develop the common

law the creating and or decimation of the above dangerous codes could have

resulted in successful prosecution relating to malicious damage to property.

The requirements of malicious intent and fault could easily be attributed in

the form of dolus directus, dolus indirectus or even dolus eventualis and in

some instances luxuaria (conscience negligence) could also be used were

maybe the author of such a programme failed to take precautions to ensure

that it does not fall in the public domain (even if it was for research purposes)

2.4 Child Pornography

Crimes such as possession and distribution of child pornography

can be prosecuted in terms of the Films and Publications Act, Act

65 of 1996 which provided in its definition of publication that a

publication is:

“(i) any message or communication, including visual

presentation, placed on any distributed network including, but

not confined to, to the internet. “

In terms of section 27 (1) and section 28 of the said legislation if

anyone creates, produces , imports or is in possession of a

publication or film which contains scenes of child pornography, he

shall be guilty of an offence. Gordon also notes that the act may

also extend to “pseudo-pornography” as found in animated

pornography. (Barrie Gordon (2000) 439).Section 25 and section 26

also prohibit the decimation of child pornography in films or

publications respectively.

Watney states that section 35(5) of the Constitution of South Africa

finds application. Section 35(5) states that evidence obtained in a

manner that violates any right in the Bill of Rights must be excluded if

the admission of that evidence render the trial unfair or will otherwise

be detrimental to the administration of justice. (M Watney (2008) 2).

T

he constitutional court confirmed in the matter of Key v Attorney-

General, Cape Provincial Division (1996 (6) BCLR 788 (CC)) „(b)ut

there will be times when fairness will require that evidence, albeit

obtained unconstitutionally, nevertheless be admitted.‟

Issues of proof are traditionally classified under three headings

namely: witnesses, objects (real evidence) and documents.

2.5 Evaluation of e-Evidence at Common Law

Technological advances have brought many new devices

onto the market, some valuable in providing evidence. The

products of these devices are sometimes regarded as real

evidence and sometimes as documentary evidence. The

current view is that it is real evidence unless it takes the

form of paper or other material on which knowledge or

thoughts are reproduced. (M Watney (2008) 3).

Watney points out that In the S v Fuhri (1994(2) SACR 829

(A)) it was decided that the photograph of a vehicle whose

driver had committed an traffic offence is real evidence,

whereas in the S v De Villiers (1993 (1) SACR 574 (Nm)) the

court found that a computer printout containing

information, where the information had a human source,

is a document. (M Watney (2008) 3)

Although S v Ndiki [2007] 2 All SA 185 (Ck) dealt with the admissibility

of computer print-outs before the ECT Act, Van Zyl J made many

relevant remarks pertaining to the admissibility of electronic evidence.

The following remark was made by Van Zyl J in S v Ndiki:

„It seems that it is often too readily assumed that, because the

computer and the technology it represents is a relatively recent

invention and subject to continuous development, the law of

evidence is incapable or inadequate to allow for evidence

associated with this technology to be admissible in legal

proceedings. A preferable point of departure in my view is to rather

closely examine the evidence in issue and to determine what kind

of evidence it is that one is dealing with and what the requirements

for its admissibility are’ [53].

Watney submits against the background of the Ndiki-case, one will

have to look at the facts of a particular case and determine what

type of evidence the data message represents.

Once the type of evidence has been determined, a two-phased

procedure will be applicable namely :

(i) to determine the admissibility of the electronic evidence during a

trial-within-a-trial and if the evidence is found to be admissible

(ii) the evidential weight of the evidence has to be determined.

Watney citing Hoffman states that questions relating to admissibility

of electronic evidence must be decided in a „trial within a trial‟. „A trial

within a trial‟ (Hoffman (2006) 1).

3. Cyber-crime in the Electronic Communications and

Transactions Act

3.1 Background

In Narlis v South African Bank of Athens 1976 (2) SA 573 (A), the Court

held that a computer printout was inadmissible in terms of the Civil

Procedure and Evidence Act 25 of 1965. It was also held that a

computer is not a person. It was clear that the law regarding value of

electronic data in legal proceedings required urgent redress.

This resulted in the premature birth of the Computer Evidence Act 57 of

1983. Section 142 of the said act made provision for an authentication

affidavit in order to authenticate to authenticate a computer printout.

The Computer Evidence Act seemed to make more provision for civil

matters than criminal ones. It created substantial doubts and failed the

mark for complimenting existing statues and expansion of common

principles. (M Kufa (2008) 18 -19)

3.2 The Electronic Communications and

Transactions Act, Act 25 0f 2002

• After many years of legal uncertainty, Parliament enacted the Electronic Communications and Transactions Act, Act 25 of 2002 (ECT) which comprehensively deals with Cyber-crimes in Chapter XIII and has now created legal certainty as to what may and not constitute Cyber-crime.

• One must however, note s3 of the ECT (its interpretation clause) which does not exclude any statutory or common law from being applied to, recognizing or accommodating electronic transactions – in other words the common law or other statues in place wherever applicable is still in force and binding which has the result that wherever the ECT has not made specific provisions for criminal sanction such law will be applicable. (S Snail (2008) 65)

Section 85 defines „cyber crime‟ as the actions of a person who, after

taking note of any data, becomes aware of the fact that he or she is not

authorized to access that data and still continues to access that data (S

L. Geredal (2006) 282).

Section 86(1) provides that, subject to the Interception and Monitoring

Prohibition Act, 1992 (Act 127 of 1992), a person who intentionally

accesses or intercepts any data without authority or permission to do so,

is guilty of an offence.

In the case of R v Douvenga (District Court of the Northern Transvaal,

Pretoria, case no 111/150/2003, 19 August 2003, unreported) the Court had

to decide whether an accused employee GM Douvenga of Rentmeester

Assurance Limited (Rentmeester) was guilty of a contravention of section

86(1) (read with sections 1, 51 and 85) of the ECT Act.

It was alleged in this case that the accused, on or about 21 January 2003, in or

near Pretoria and in the district of the Northern Transvaal, intentionally and

without permission to do so, gained entry to data which she knew was

contained in confidential databases and/or contravened the provision by

sending this data per e-mail to her fiancée (as he then was) to „hou‟ (keep).

The accused was found guilty of contravening section 86(1) of the ECT

Act and sentenced to a R1 000 fine or imprisonment for a period of three

months. (S L. Geredal (2006) 282). Hacking has now been entrenched in

our law in s86 (1) of the ECT which makes any unlawful access and

interception of data a criminal offence. This also applies to unauthorized

interference with data as contained in s86 (2) of the ECT.

Section 86 (4) and 86(3) introduces a new form of crime

known as the anti-cracking (or anti-thwarting) and hacking

law. In terms of Section 86 (3) the provision and, or selling

and, or designing and, or producing of anti-security

circumventing (technology will be a punishable offence.

(GJ Ebersoehn (2003) 16)

In terms of section 86(4) it is requirement to be guilt of

this offence if the offender uses and designs a programme

to overcome copyright protection, with direct intent to

overcome a specific protection data protection programme

(GJ Ebersoehn (2003) 17).

Denial of service (DOS) attacks also popularly known as Disk Operating

System attacks, are attacks that cause a computer system to be

inaccessible to legitimate users.

Section 86(5) states that, “any person who commits any act described

in Section 86 with the intent to interfere with access to an information

system so as to constitute a denial , including a partial denial of

services to legitimate users is guilt of an offence ”.

The act or conduct is fashioned in such a manner that it is widely

defined and consist of any of the action criminalized in Sections 86(1)

– Section 86 (4). The actions include unauthorized access,

unauthorized modification or utilizing of a program or device to

overcome security measures. (M Kufa (2008) 20)

Similarly one can deduce that e-mail bombing and spamming is now

also a criminal offence as contained in the wide definition of s86 (5)

and s45 of the ECT respectively.

Section 87 of the ECT also has introduced the Cyber crimes of E-

Extortion as per section 87(1), E-Fraud as section 87(2) and E-Forgery

as section 87(2). Section 87(1) provides an alternative to the common

law crime of extortion. Kufa states that pressure is therefore exerted by

threatening to perform any of the acts criminalized in section 86.

Kufa also criticizes this section as “wet behind the ears“as its common

law equivalent applies to both forms of advantage of a propriety and

non-propriety form. He suggests that this proviso is wanting and will

require redress. (M Kufa (2008) 21)

3.3 Other statutory remedies

• Cyber crimes are not limited to the acts as contained in the ECT but there are also other statues that are applicable in the prosecution of Cyber crimes.

• For instance, in terms of the Prevention of Organized Crime Act (POCA) and FICA Act the prevention of all the crimes (as applicable to the cyber environment) listed is highlighted (but in an organized fashion) as well as the prohibition of money laundering and other financial related crimes which are these days done online which may also contravene the Exchange Control Regulations.

• Also noteworthy is the National Gambling Act and Lotteries Act. In terms of s89 of the National Gambling Act any form of unlicensed gambling is unlawful and may be imprisoned for period of 2 years. Similarly s57 and s59of the Lotteries Act also states that “any unlicensed lotteries or anyone participating in a foreign lottery is liable to a criminal offence”.

Other statutory remedies cont.

• Notwithstanding Section 86 (4) which outlaws the cracking of anti-pirating and or security software. It is also important to state that the sale and or making available of illegal copies of movies or music online (in formats such mpeg4, Divx, mov, mp3, wav, mwa etc) an individual may be in contravention of the Copyright Act in terms of which s27 of the Copyright Act prohibits the unlawful copying, decimation and, or distribution of copyrighted works.

• The provisions of the Counterfeit Goods Act may also be applied were the sale of such counterfeit goods (in this context reference to goods is the illegal copy of the movie or song) was concluded online.

4. Procedural aspects of Cyber-crimes

Legal Aspects impacting on Law enforcement of Cyber crimes

(Procedural aspects of Investigating and Prescuting Cyber crimes)

4. 1 Admissibility and Evidential Weight of data Messages (ECT Act S 15)

• After much legal uncertainly as to the admissibility of a printout in Court in terms of the Old Computer Evidence Act, Section 15 of the ECT, now states that the rules of evidence must not be used to deny admissibility of data messages on grounds that it‟s not in original form. A data message made in the ordinary course of business, or a printout correctly certified to be correct is admissible evidence. It constitutes rebuttable proof of its contents when it is produced in the form of a print-out.[1]

• The Act now states that Data messages shall be admissible giving due regard to reliability of manner of storage, generation and communication, reliability of admission manner of maintenance of message, manner in which originator is identified, and any other relevant factor. In other words the Act creates a rebuttable presumption of that data messages and or printouts thereof are admissible in evidence.[2]

[1] Also see the case of S B Jafta v Ezemvelo KZN Wildlife ( Case D204/07 ) where a e-mail used to accept an

employment contrct ws regarded s conclusive proof the the said employment had been accepted.

[2] also see the controversial case of S v Motata where electronic information ( data in the form of images and sound)

from cell phone was admitted into evidence in a trial within a trial ( the case has yet to be concluded )

•The Act now states that Data messages shall be admissible giving due regard to

reliability of manner of storage, generation and communication, reliability of admission

manner of maintenance of message, manner in which originator is identified, and any

other relevant factor. Section 15(4) of the ECT Act provides that data message made

by a person in the ordinary course of business, or a certified copy, printout or extract

from such data message “is on its mere production in any civil, criminal,

administrative or disciplinary proceedings under any law or the common law,

admissible in evidence against any person and rebuttable proof of the facts

contained in such record, copy, printout or extract.”

•The copy, printout or extract is to be certified to be correct by an officer in the service of

the person making the data message. In other words the Act creates a rebuttable

presumption of that data messages and or printouts thereof are admissible in evidence.

(See also the controversial case of S v Motata Johannesburg District Court case

number 63/968/07 (unreported) at 622, where electronic information (data in the form

of images and sound) from a cellphone was admitted into evidence in a trial within a trial

)).

When giving judgement, the court must decide what weight to attach to

the evidence when evaluating the totality of the evidence. Guidelines

and presumptions assist the presiding officer. The following guidelines

will assist the presiding officer: (M Watney (2008) 7). 15(3) states in

assessing the evidential weight of a data message the court must take

regard to:

(a) the reliability of the manner in which the data message was generated,

stored or communicated;

(b) the reliability of the manner in which the integrity of the data message

was maintained;

(c) the manner in which its originator was identified; and

any other relevant factor.‟

Legal Aspects impacting on Law enforcement of Cyber crimes

(Procedural aspects of Cyber crimes) cont

4.2 Search and Seizure (ECT Act s82 (1))

The ECT has now created “Cyber-Inspectors” who, with the authority of a warrant, may enter any premises or access information that has a bearing on an investigation (into possible Cyber crime). Their powers have been well defined in the Act which includes the authority to search premises or information systems, search a person or premises if there is reasonable cause to believe they are in possession of article/document/record with bearing on investigation.

• Cyber inspectors may also demand the production of and inspection of any licences or registration certificates in respect of any law, take any extracts of books or documents on any premises or information system with a bearing investigation, and also the power to inspect any facilities on premises with a bearing on an investigation.

• To avoid issues of unnecessary red-tape which may hamper a prosecution, Cyber inspectors are also empowered to access and inspect the operation of any computer or equipment forming part of an information system- used or suspected to have been used in an offence and require any person in control of, or otherwise involved with the operation of a computer to provide reasonable technical assistance.

5. ANTON Piller Order

5.

(See Ronald C TROYE BASSON v Vuselela Herbals –

Unreported Transvaal Provincial Division Case : 6206 / 06 ) .

Anton Piller Order (continued )

Waylynn CC v Scooters Pizza (Pty) Limited, and Dice Pizza Eldoraigne

CC v Scooters Pizza (Pty) Limited [ Unreported : North Gauteng High

Court - Case number 1078/09 and Case number 1074/09 )

• An applicant in Anton Piller proceedings must give full and fair disclosure of

all material facts as is the duty of any applicant in ex parte proceedings.

• Anton Piller order are for the preservation of evidence and are substitute for

possessory or proprietary plans. (Memory Institute SA v Hanson 2004 SA 630 SCA)

• Protection measures have been built in such as the appointment of an independent

attorney to supervise the execution of the order. Also see the case of Retail

Apparel v Ensemble Trading and other 2001 (4) SA 233- 234 where the Court held

that ,“ It [the Anton Piller order ] must be meticulously executed and accordingly to

letter of the order “

• The applicant and the own attorney may NOT be party to the

search party.

Anton Piller Order (continued )

The Reclamation Group v Jacobus P Smit and others [ Unreported Case of

the South Eastern Cape Local division : Case 678 /02

• Reconsideration of Anton Piller order need not always be in terms of Rule

(12) (c) but is wide enough to accommodate such relief sought.

• Effect of reconsideration is twofold as, firstly, both sides story is now before

Court and the second consideration is that the execution of the original order

may have had the effect that those issues are not exactly the same as the

issues before Court when the original application was before Court.

• Factors that court uses in reconsidering Anton Piller Order:

(a) Whether Anton Piller procedure was used for an improper or illegitimate

purpose. If so , the Court may grant a punitive cost order against the applicant

form of improper behavior

Anton Piller Order (continued ) (b) Whether Anton Piller order was legitimately obtained and whether it purpose has

already been achieved.

(c) If the original purpose has not been fully achieved , the Court must consider as to

whether the applicant should be allowed any further benefit not already achieved by the

execution of the original order.

(d) Whether the applicant failed to comply with the procedural requirement such as

FULL disclosure of all relevant fact , obtaining an order wider than necessary and

failure to execute the order in accordance with the direction contained in the

original ex parte order granted by the Court.

Please note that in the DICE PIZZA case procedural error or non-compliance with the

initial application rendered the ORDER to be set-aside. BUT in this case the COURT

decided not to set-the initial order aside despite the fact that procedural errors had taken

pace as the Court found that the procedural errors where “ not a sufficient serious

degree of over-breadth or non-compliance with the original order to warrant the

undoing of all the effects of the order “ despite the police having been present and

the and an allegation that the seized documents where communicated to

unauthorized 3rd parties.

Discovery of EVIDENCE seized as a result of Anton Piller Order

SST SALES v Fourie TT Jacobus and others [unreported case : 09/50427 – South Gauteng High Court ]

*Evidence seized in search and seizure, as a result of Anton Pillar may not be

discovered by way of a RULE 35 or RULE 36 Discovery Application unless

exception circumstances exist. Discovery rules only applicable to action

proceedings . Discretion to order discovery must be used sparingly. Discovery

must not be used as a weapon in preliminary skirmishes and can be easily abused

and must be protected by the Courts ( see par 15 of SST Sales case referring to

MV URGUP v Western Bulk Carriers 1999 (3) SA 500.

* Proprietary information of the Applicant or that of the responded may be

returned for essential business or personal use .

* Court may order that applicant may inspect relevant copies to its main case

(See The Reclamation Group Case as previously referred to )

Entrapment, video evidence, polygraph testing, telephone tapping, searches

(Unauthorised searches and seizures)

Entrapment is a method used were a person is lured into committing a crime for the

purpose of securing a conviction . Dekker however warns however that that the general

rule observed our courts is that traps should be treated with caution. In SATAWU on

behalf of Radebe v Metrorail Wits it was held that in the employment context , evidence

obtained by means of entrapment is admissible if conducting the trap does not go

beyond an opportunity to commit an offence. This is involves a 2 (two) steps enquiry .

Firstly, one must enquire if the conduct went beyond an opportunity to commit an

offence.

Factors that may indicate this include the nature of the offence, the availability of other

techniques of investigating in order to obtain proof, whether an average person in the

same position would be induced to commit an offence, the degree of persistence and

number of attempts, the type of inducement, the timing of the conduct, whether the

conduct involved an exploration of human characteristics such a s a emotions and

friendship or personal or professional circumstance, whether a particular vulnerability

was exploited, the proportionality between the involvement of the official compared to

that of the accused, whether before the trap was set there was suspicion on reasonable

grounds that the accused committed an offence, and whether the official acted in bad or

good faith.

Secondly, one must weigh up the interest of public and private interest. In this stage the

Court must consider the nature and the seriousness of the offence, whether it would be

difficult in the absences of a trap to uncover the crime, whether the crime is so often

committed that special measures are required to detect it , the extent of the effect of the

trap, the nature and seriousness of any infringement of one‟s fundamental right [Rights

contained in the Bill of Rights such as the right to privacy and the right not to have

evidence obtained unconstitutional to be used in a disciplinary tribunal ] and whether the

setting of the trap and the means used were proportional to the seriousness of the

offence.

Entrapment should be used as a last resort.

Video evidence is usually used in entrapment cases. Most of the principles relating to

entrapment apply also to video evidence. If an employee is taped during the course of

employment when and where he or she should be working, the taping does not

constitute an infringement of privacy. If video cameras have been set up to monitor a

specific area , then that area will be the one being monitored and not the employee and

thus such would not constitute infringement of privacy .

Polygraph Testing

Section 12 of the Constitution safeguard against the invasion and or infringement of a persons‟

bodily and psychological integrity of a person and therefore involuntary polygraph testing would

not be permissible. The right to privacy as contained in section of 14 of the Constitution as well as

infringe on a person right not to self-incrimination as contained in Section 35 (3) (i) of the

Constitution. The CCMA in Sotibo and others v Ceramic Tile Market held that polygraph the result

obtained in a mass polygraph testing was a mere indication of deception and that other

corroborating evidence must have been obtained and specific question must have been asked

during the testing relating to the alleged offence . It has also been held in the case of Malangu

CIM Deltak , Gallant v CIM Deltak that voice analyze polygraph testing which analyses

emotional stress within a voice pattern by searching for variations in speech tremors as

inadmissible.

Telephone tapping

In Moonsamy v The Mail House an employee was dismissed on the basis of information

gathered by means of a tap on his telephone at the workplace. The CCMA found then in

interpreting the provisions of the interim Constitution dealing with limitation of rights , [in particular

the applicant right to privacy ] that such an act would constitute [ the tapping of his phone ] would

constitute justified limitation of the applicants right to privacy under the following conditions, (a) if

the nature of an employee‟s right to privacy on the employer‟s premises during working hours

allowed for restrictions , (b) if , through a balancing of interests , the employers‟ business interest

were sufficiently important to restrict the employee‟s right of privacy ;.

(c) in view of what the nature and extent of the limitation of the right to privacy would

entails; (d) a reasonable relationship between the limitation and the purpose of the

limitation ; (e) proof that less restrictive means are not possible to achieve the same

purpose. . In the present case the employers failed to prove the fifth requirement namely

, proof that less restrictive means are not possible to achieve the same purpose and the

telephone recording were ruled as in admissible

Physical Searches and Seizures

In the Mhlongo v AECI the CCMA held that information and evidence obtained in an

illegal search of an employee‟s house which would be inadmissible in a criminal

proceeding to be admissible. It was also ruled that the evidence found in possession of

the employee to have destroyed the employment relationship and because of the quasi-

judicial nature of the proceedings before it, it may use a discretion in admitting such

evidence as the evidence obtained was directly relevant to accessing the continuation of

the employment relationship.

This view was confirmed in the matter SA Commercial Catering & Allied Workers union

& others v King Williams Town fast food t/a Chicken Licken where an employee refused

to have her belongings searched was dismissed and the CCMA found that the employer

was entitled to such drastic disciplinary action to enforce the rule that employees must

be searched.

Jurisdiction (ECT Act s90)

• Jurisdictional challenges are probably the main challenge that cyber prosecutors face in prosecution of cyber-crimes.

• Sec 90 of the Act gives South African courts the jurisdiction to try offences arising from actions where an offence is committed in the republic, any act in preparation for the offence takes place in the republic, any part of the offence is committed in the republic, the result of the offence has effects in the republic, the offence is committed in the republic, by a person carrying on business in the Republic or when the offence is committed on board any ship or craft registered in republic.

• There is much legal debate however as to whether this provisions in line with International law and the effect of other international treaties on the prosecution of Cyber-crimes

E-Discovery

Electronic communications are regarded as data in terms of the ECT. In term s of the

ECT the admissibility and evidential weight must be defined by rules of evidence in

conjunction with the refinements in ECT. (B Hughes (2008) 1).

Section 15 (1) (b) re-echoes the “Best Evidence” common law rule. Although an

electronic document need not be in original form the person adducing it must bring

must reasonably be expected to have kept it in its original form. For instance a print-

out of an e-mail is not the best evidence as it would lack the embedded information

(creator of document, time of creation, routing of e-mail, etc) retained in the electronic

copy knows as meta data. (B Hughes (2008) 2).

Alex Elliot states that , “Rule 35(1) requires a party to an action “ to make discovery

under oath … all documents … relating to any matter in question in such action

which are or at least have at any time been in the possesion or control [ of such

party ] “ .

Hughes argues that an e-mail print out would not satisfy Rule 35 (10 ) of the

Uniform Rules of Court in that such a document would not be the original for

purpose of inspection or production.

E-Discovery ( continued )

Hughes respectfully concludes in light of Section 14 and Section 17 of the ECT

dealing with originality, production and integrity of electronic data messages. A

party may demand an electronic copy of an electronic document capable of

displaying the meta data. In the absence of such production the admissibility and

weight of the document may be attacked. (B Hughes (2008) 3)

Elliot proposes, that the correct way forward would be to use High court

Rule 36 (6) as a doorway to inspecting other parties‟ databases for discovery

prurposes in that the Rule provides for a party to a proceeding to inspect any

movable or immovable property in another parties possession , if the state or

condition thereof may be relevant to any matter in question in the proceeding.

Elliot goes further to state that , “ Rule 36 (6) has an exact counterpart in the new

Magistrates Court rule 24 ( 6)” . Elliot also proposes legislative changes be made

to the provision to allow for independent person with IT skills to perform a through

search of all electronic databases in the possession of that party.

Q & A

Contact Us:

Attorney Sizwe Lindelo Snail

E-mail : Ssnail@Snailattorneys.com / Sizwe_snail@yahoo.com

www : www.snailattorneys.com

Tel : +27 12 362 8939

Fax : +27 86 617 5721

Cell : +27 83 477 4377