“Sexual violence is a horrific reality that continues to plague this country.” (Quoted in judgment below)

It’s often said that victims of rape and other types of sexual violence have to suffer twice – firstly at the hands of the rapist and secondly at the hands of the law.

A recent High Court ruling on the knotty question of consent could go some way towards remedying this. At the heart of the matter is the delicate balance between a victim’s right to be treated with dignity and compassion in their quest for justice, and the accused’s right to be presumed innocent until proven guilty in a fair trial.

The consent conundrum

To secure a conviction of sexual violence the State must prove – beyond reasonable doubt – the absence of consent to the accused person’s actions. Unfortunately, major injustices have resulted in the past from the fact that many perpetrators escaped conviction by simply claiming that they believed that consent had in fact been given – without having to show that their belief was in any way reasonable.

Two shocking acquittals

The Court referred to two practical examples of grave injustice rooted in the current wording of the Criminal Laws (Sexual Offences and Related Matters) Amendment Act:

  1. A woman had agreed to oral sex only, but her then-boyfriend proceeded to perform full penetrative sex. He claimed that her body language gave tacit consent to penetration and that he misconstrued her request to him to stop as a request to pause momentarily. He was acquitted on the basis that his version was “reasonable and possibly true, although his explanation was improbable”. The complainant had not objectively consented, but the State had not proved beyond reasonable doubt that his version that he genuinely believed that there was at least tacit consent, was false. The court considered itself bound to acquit “unless it is satisfied not only that the explanation is improbable but that beyond any reasonable doubt it is false.”
  2. In the second case, a woman was raped by a man she met through an online dating site. He had invited her to his home for a “party” at which she turned out to be the only guest. The perpetrator was acquitted on the basis that, although the victim had not objectively consented to the penetration, “she neither physically resisted nor loudly protested. The State did not exclude the possibility that the accused did not hear her say ‘no’ and did not prove beyond reasonable doubt that he was aware that she was not consenting. Put differently, the court accepted that he had subjectively believed that there was consent.”

Enter a welcome new limit to the consent defence

The courts in question had no choice but to acquit given the Act’s present wording, and as the High Court put it: “Currently … an unreasonable belief in the presence of consent is a defence. The State bears the extraordinarily high burden to prove that the accused’s claim that he [it could of course have been a “she”] was under the impression that consent had been given is not reasonably possibly true.”

It accordingly held the relevant sections of the Act to be unconstitutional and invalid and ordered that they be read such that “…it is not a valid defence for that accused person to rely on a subjective belief that the complainant was consenting to the conduct in question, unless the accused took objectively reasonable steps to ascertain that the complainant consented to [the] sexual conduct in question.” (Emphasis supplied).

How will our courts interpret this in practice?

Based on the Act’s current wording, our courts have previously held that, “where there was no express rejection of the sexual act … consent has the following requirements: (a) the consent itself must be recognised by law; (b) it must be real consent; and (c) it must be given by a person capable of consent.”

Assuming the Constitutional Court upholds the High Court’s declaration of invalidity, we can only guess how our criminal courts will ultimately interpret whatever new wording it and parliament (which has 18 months to amend the Act) finally settle on. But something like the five-point common sense definition of consent given in Amnesty International’s article “Let’s Talk About Consent” may well form the basis of judicial interpretation down the line.

The article further suggests that “Consent is not about signing a contract! It’s about communication and about making sure all sexual activities happen with mutual consent.” Which seems like a fair and practical way of looking at it.

The bottom line?

One would hope that our courts will ultimately decide that only a genuine, unequivocal, unpressured, informed, specific and un-retracted “Yes” will be enough to escape conviction.

As a final thought, remember that this new law only comes into force if and when the Constitutional Court confirms it.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“In defence of Madiba’s legacy, we will continue to wage a relentless war on corruption…” (President Cyril Ramaphosa)

You may have seen mention of the new amendment to the Prevention and Combatting of Corrupt Activities (POCCA) Act that imposes severe penalties for any failure to report corruption. If you did see it, you quite possibly thought “Doesn’t apply to me, I’m just a small business”.

Wrong! Let’s have a look at who the new law applies to, what it requires of you, the risk you run if you don’t pay it due attention, and how you should manage this new risk.

Who does the new reporting requirement apply to?

Not just big companies and multinational businesses. It applies not only to all members of “incorporated state-owned entities” but also to all persons and entities in the private sector. The definition here is very broad indeed, and it includes all types and sizes of businesses from sole trader up, all types of entity large and small, all companies, every “body of persons” and every “other legal person”.

In short, it applies to you!

What does it require of you?

Simply put, you must report any corruption or attempt at corruption. Of course, we all know what the common-sense definition of “corruption” is. If you need an exhaustive legal definition, we can certainly help you with that.

But in practice just be aware that it applies to any agreement or offer by an “associated” person (including employees, independent contractors and the like) to give anyone else any unlawful “gratification”. What’s more, “gratification” is so widely defined as to include every possible form of monetary or non-monetary advantage (or avoidance of disadvantage) you can think of. Naturally the agreement or offer in question must relate to an attempt to either obtain or retain a business advantage of some sort.

On another warning note, POCCA penalises not just active knowledge of corruption and wrongdoing, but also brings in concepts of “should have known” and “turned a blind eye”.

Put simply, you must report any form of “corruption”. Full stop.

What penalties apply?

In theory, the sky’s the limit here – unlimited fines and life imprisonment! In practice, courts will of course tailor the punishment to fit the crime. The bottom line: there are very clear indications that the authorities mean business, so beware.

How should you protect yourself?

The new law pulls no punches. But fortunately there’s a solid defence included in the new provision: to escape liability you only need to show that you “had in place adequate procedures designed to prevent” the corruption. There’s no definition of what this might entail, so it’s up to you to use common sense based on your particular business and circumstances. Local experts suggest that to be safe we follow the UK’s “Six Principles” – proportionality (procedures tailored to the level of your risk), top-level commitment, risk assessment, due diligence, communication, and monitoring and review.

Need help with drafting a corruption prevention protocol? Shout if we can help.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“[The buyer] must in the circumstances take responsibility for her failure to protect herself against a known risk” (extract from judgment below)

Cybercriminals absolutely love targeting property transactions because they provide the perfect mix of large money deposits, heavy reliance on email communication from trusted parties like attorneys, banks and estate agencies, and deadlines creating a sense of urgency and lack of attention to detail.

Let’s consider just one recent example of a high-value BEC (Business Email Compromise) attack on the purchase of a house.

A textbook case costs a pensioner R5.5m
  • A woman describing herself as “an elderly divorced pensioner without the knowledge, experience or resources to protect herself against sophisticated cybercrime of which she had no knowledge or experience” purchased a house for R6m.
  • She paid a R500k deposit to the estate agents, and then after an exchange of emails with her appointed conveyancers, she paid the balance of R5.5m into what she believed to be the conveyancing firm’s account.
  • In fact, her email system had been hacked and the criminals were intercepting and altering both her incoming and outgoing emails. In a typically sophisticated operation, they ensured that the mails and attachments looked genuine, deceived the buyer into paying the R5.5m into their fraudulent account, and then, via a further chain of back-and-forth emails, delayed detection of the fraud for long enough to give them time to withdraw the funds and disappear.
  • The buyer sued the conveyancers for her R5.5m loss, arguing that they had a legal duty to protect her from the BEC. The High Court agreed and ordered the firm to pay her back, but that was reversed on appeal to the SCA (Supreme Court of Appeal).
  • Critically, the SCA held that in cases of “pure economic loss”, creditors have no general legal duty to protect their debtors from the interception of payments, and there is no inference of “wrongfulness”. So, it is up to the client in such a claim to prove not only negligence by the business, but also wrongfulness.
  • In this particular case the Court found that the buyer had “ample means to protect herself”. It was not the conveyancers but the compromise of her email account that enabled the criminals to intercept her emails. She could have paid by bank guarantee but chose to pay in cash. Moreover, she had been warned by the estate agency about this very risk and had heeded the warning and verified the agency’s banking details before paying in the deposit. She could, and should, have taken the same precaution before paying the conveyancers.
  • Bottom line – the buyer “must in the circumstances take responsibility for her failure to protect herself against a known risk” and must bear her R5.5m loss herself.
How to protect yourself – 5 steps to take immediately
  1. Whether you are business or client, protect your systems from being hacked. Constantly update all your software and anti-virus/anti-malware programs. Use 2FA (two factor authentication) on your accounts. If it is your email system that is hacked and causes the loss, you have a problem! As a business you could also be in trouble for breaching POPIA (the Protection of Personal Information Act).
  2. Constantly warn everyone about the risks of email interception and fraud and remind them never to accept any change of banking details notifications without checking.
  3. Protect all attachments from alteration (including PDFs!).
  4. Before making deposits, phone to confirm all banking details you are given via email. Make sure to phone a number you have confirmed to be genuine – criminals regularly provide fake contact numbers in intercepted emails and documents.
  5. Carefully check all email addresses as scammers often make subtle changes – in this case for example the buyer failed to notice that the word “africa” in an email had been changed to “afirca”. Other common dodges are changing numerals or adding/removing hyphens.

Above all, treat all email communications as inherently unsafe and don’t let your guard down for a second!

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“It’s high time they legalised cannabis” (Anon)

Much excitement has greeted the signing into law of the Cannabis for Private Purposes Act, which will formally regulate the cultivation, possession, and use of cannabis by adults in a private setting and, says the Presidency, lays the groundwork for regulatory reforms “to allow for the industrialisation of the cannabis sector.”

But although the new Act has been widely reported in the media as though it is already in force, this is not correct – it will only come into effect when its commencement date is gazetted. It is not clear at date of writing when we can expect this to happen, but it could be a lengthy process. Until then the rather vague parameters for private and personal use, possession and cultivation set by the Constitutional Court in 2018 will presumably remain in place.

In the interim, here are some highlights of the Act –

What is “cannabis” in the new Act?

“Cannabis” is defined for the purposes of the Act as meaning “the flowering or fruiting tops of a cannabis plant and includes products made therefrom” (i.e. “buds”, extracts, oils and the like) but the definition excludes “any seed, seedling, the stalk, leaves and branches.”

What you will be able to do, and what you won’t

In a nutshell, it will be legal within prescribed limits to grow, possess, use and share cannabis in private, but not to sell it. More specifically, and with the general requirement of “private purpose” –

  • In private: Any adult (18 or over) will be able to cultivate, use, possess and share cannabis “in a private place for a private purpose”. But not in the presence of a child or non-consenting adult, and not “if it is likely to cause a disturbance or nuisance to any person” in a nearby public place. Note that when it comes to sharing (supplying or obtaining), there cannot be any exchange of “consideration” defined as “any form of compensation, gift, reward, favour or benefit” (i.e. sale for recreational as opposed to medical use will remain prohibited, even for private purposes). The prescribed “maximum amounts” (see below) will apply in private as well as in public places.
  • In public: An adult will be able to possess (subject to prescribed maximum amounts), but not to use, cannabis in a public place.
  • Protections for children: No child (person under 18) can be given cannabis or any cannabis product, nor be allowed to possess or use it without a medical prescription, nor can they be used to deal in it. Importantly, any adult “who is in possession of cannabis must take reasonable measures to ensure that such cannabis is inaccessible to a child whether that child is under the authority, supervision or care of that adult person or not.”
Maximum amounts will be prescribed, and transport will be regulated

Regulations will prescribe –

  • The maximum amounts allowed for cultivation, possession and transport of cannabis.
  • “Conditions, restrictions, prohibitions, obligations, requirements or standards regarding the transportation of cannabis, by the person transporting cannabis as well as in respect of the passenger in such transport.”

Current speculation (i.e. you can’t hold us to this!) is that the prescribed amounts will be based on those proposed in a version of the Bill which was not incorporated in the final Act. That Bill proposed that adults would be able to –

  • Possess unlimited seeds and seedlings.
  • Privately cultivate four flowering cannabis plants per person (or eight per household occupied by two or more adults).
  • Privately possess 600 grams of dried cannabis per person (or 1,200 grams per household occupied by two or more adults).
  • Publicly possess 100 grams of dried cannabis or one flowering cannabis plant.
  • Provide/obtain for personal use 30 seeds/seedlings, 1 flowering cannabis plant, 100 grams of dried cannabis.

Note however that the 2020 Bill’s structure is different to that of the final Act, so wait for the final Regulations before relying on any of these speculated limits!

Criminal records to be expunged

Convictions for possession and use of cannabis (dagga) will be automatically expunged, as will convictions for dealing based on legal presumptions rather than actually dealing. Where records have not been automatically expunged, they will be expunged on application.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“It’s the profile of the most trusted individual, in a position of trust, like an accountant or bookkeeper. They usually never take leave, and someone who never allows anyone access to their system would go to the length of taking their laptops with them while they are on holiday so that they can continue working. They are usually caught in the moment of forced absence from work.” (Specialised Commercial Crimes Court as reported by News24)

Our courts report a surge in serious cases of theft from employers by their most trusted employees – often bookkeepers and accountants. The greater the trust placed in these dishonest individuals, the more they steal and the longer they get away with it.

Particularly in more serious cases, employers should lay criminal charges as well as instituting disciplinary proceedings. Criminal courts are imposing hefty deterrent sentences, and the Labour Court has confirmed that laying charges does not prejudice the simultaneous disciplinary process.

Minimum sentences apply

Firstly, minimum sentencing provisions apply when large amounts have been stolen. Even first offenders must be sentenced to a minimum of 15 years’ imprisonment for any fraud or theft involving more than R500,000 (R100,000 for persons acting together or R10,000 for law enforcement officers) unless “substantial and compelling circumstances exist which justify the imposition of a lesser sentence”.

Let’s look at some recent cases –

  • 50 years for a R537m theft: Over some two decades of employment in a position of trust as an accountant, an employee admitted to 336 counts relating to thefts totalling an astonishing R537m. She had tried to cover up with fraudulent VAT claims and although her lavish lifestyle (she spent R5m on one specific day) attracted attention, it seems that it was only an anonymous tip off that eventually led to her detection and arrest. She was sentenced by a Specialised Commercial Crimes Court (SCCC) to 50 years behind bars.
  • 10 years for a R13.4m fraud: A creditor’s clerk, once again in a position of trust, pleaded guilty to 972 counts of fraud totalling over R13.4m and stretching over 9 years, only discovered when she went on sick leave. The mitigating factors in her case (she has health issues and is 65 years old) led the High Court to reduce her 15-year sentence to a below-the-minimum 10 years.
  • 18 years for a R14m theft: A financial manager stole over R14m, leaving the couple who had trusted him with their finances without their life savings (including a cancer diagnosis payout) and on their knees financially and emotionally. The Court’s sentence of 3 years more than the minimum reflected its finding that the aggravating factors justified removing the manager from society, despite his gambling addiction and previous clean record.
  • 15 to 30 years for a R52m fraud? A trusted store accountant “viewed as a brother” by its traumatised owners (one of whom even contemplated suicide), admitted to two counts of fraud totalling R52m as a result of his gambling addiction. He will only be sentenced in March, but it seems from media reports that he is unlikely to receive less than the minimum 15 years’ imprisonment per count, possibly to run concurrently.
The Labour Court confirms you can do both

A municipal manager with 15 years’ service was criminally charged with very serious frauds. He asked the Labour Court to stop his employer’s disciplinary process against him, arguing that in defending himself at the disciplinary hearing he might have to give self-incriminating evidence.

The Labour Court disagreed, finding that the employee had several layers of protection available to him in the criminal trial, and clearing the employer to proceed with the disciplinary hearing simultaneously. In fact, said the Court, “It is tantamount to an abuse of court process by a person holding a managerial position using court processes to prevent his employer from subjecting him to a disciplinary process under the guise of protecting his constitutional rights.” It accordingly ordered him to pay all costs on the punitive attorney and client scale – a very unusual censure in labour law matters where both sides are normally left to cover their own costs.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“…sending bank details by email is inherently dangerous, and so must either be avoided in favour of, for example, a secure portal or it must be accompanied by other precautionary measures like telephonic confirmation or appropriate warnings which are securely communicated.” (Extract from judgment below)

Before you make any payment to a supplier’s bank account on the basis of an emailed invoice, check that the bank account details in the invoice are genuine.

If your supplier’s or your email system have been hacked in a BEC (“Business Email Compromise”) scam, the invoice details could easily be fraudulent and if so you will be paying into a scammer’s bank account.

Property transactions are prime BEC targets, but not the only ones!

You will have seen many warnings about the global problem of conveyancing email scams, where emails are intercepted and false bank account details appear in invoices or in the mails themselves.  Property sales are usually high value transactions and thus a natural target for fraudsters.

Increasingly though, other non-property related business-to-business and business-to-customer transactions are being targeted – the higher the value of the deal, the more likely it is to be subjected to online crime.

Let’s take a topical example…

It’s high-value inverter time, and the bad guys are taking note…

You decide to install a high-value inverter, courtesy of Eskom’s “no end in sight” loadshedding. Inverter installers – let’s call them “Speedy Sparkies Inverter Systems” – email you a quote for R145,000. You accept. Back comes an emailed invoice from fred@speedysparkies.co.za asking you to pay R100,000 upfront to cover materials. You transfer R100k to the X Bank account on the invoice and ask when they will install. The friendly return email reads “Thanks for the payment, we’ll fit you in next week Thursday. Best, Fred”.

Thursday rolls around but no Fred. You phone him. “But you haven’t paid us yet” says Fred. “Yes I have, I paid into your account last week and you emailed confirmation of receipt of payment”. “No, definitely no payment received and no email from us confirming receipt.” “That’s impossible Fred, I have your email in front of me”. At which stage you notice, with a sinking heart and rising panic, that that last email came from fred@speedy-sparkies.co.za – with a hyphen. “Nope, really sorry” says Fred, “there’s no hyphen in our email address and we bank with Y Bank not X Bank. You’ve been scammed. We’ll try to help you but you need to pay the R100k again before we can install”.

Denial, anger, acceptance, then off to the bank to ask for help and off to SAPS to lay charges. Your bank and the police are sympathetic but not hopeful of recovery. So what happened?

How did you just lose R100k?

Using phishing tactics, the scammers hacked into Speedy’s email system then monitored all their emails, waiting for a high value contract to pop up. They pounced, intercepted the email to you with the invoice, changed only the return email address and the bank account.

You suspected nothing – the look and feel of the email and invoice are totally genuine, the wording of the mails is Fred’s (right down to his trademark sign-off “Best, Fred”), the email address difference is so subtle you don’t notice it. Sometimes scammers can even “spoof” an email address, where the sending email address appears to be the same as the legitimate one.

It all looks 100% authentic and of course by the time you and Fred realise anything is amiss, your money is long gone.

The only winners here are the scammers and the question now is “who is the loser?”

Who takes the loss? Who pays for your inverter now? Can you sue?

Here’s the rub – you blame Speedy for allowing their system to be hacked. You accuse them of negligence and of failing in their duty to keep your data safe in compliance with POPIA (the Protection of Personal Information Act). But Speedy deny fault and say you carry the risk and anyway it’s your mistake for not noticing the falsified email address and for not phoning Fred to check the bank account details. Speedy’s insurers confirm they have no cover for this sort of fraud.

Do you have a legal claim against the business? There’s no cut-and-dried answer to that, with our case law outcomes to date tending to vary with each particular set of facts, and the courts referring to various questions of proving negligence, compliance with payment instructions, “considerations of legal and public policy”, and reference to a general rule that anyone making a payment to someone else is required to check that they are paying into the correct account.

So as a customer, it’s probably safest to work on the basis that you could well be held to be the party at risk and will almost certainly have to prove (at the very least) negligence on the part of the business in order to stand a chance of establishing any claim against it.

As a business on the other hand, your legal position is far from secure. You will be accused of negligence (and perhaps also breach of POPIA) if it is your system that was hacked. Even if it is your customer’s email account that has been hacked you are still at risk, as confirmed by the recent High Court award of R5.5m (plus interest and costs on the punitive attorney and client scale) in just such a case against a conveyancing firm on the basis of its legal duty of care towards a property purchaser, and on a finding that “but for the negligent transmission of its account details and failure to warn [the buyer] upfront of the inherent danger of BEC, she would not have suffered the loss.” In the Court’s words “sending bank details by email is inherently dangerous, and so must either be avoided in favour of, for example, a secure portal or it must be accompanied by other precautionary measures like telephonic confirmation or appropriate warnings which are securely communicated”.

On a strictly practical level, your reputation is at stake and those 5-star Google Reviews could be in for a knock.

Bottom line – take legal advice specific to your case. Perhaps you will both be advised to cut your losses and to share the pain 50/50. Far from ideal, but a lot better than protracted and bitter litigation.

Prevention being as always a lot better than cure, we share below some ideas on how to protect yourself from this sort of cyber fraud in the first place.

Prevention – here’s what to do
  • Businesses: Most importantly, protect your systems from being hacked! Train all staff in the increasingly sophisticated nature of phishing emails, update all your software and beef up your anti-virus and anti-malware protections and protocols. Consider not putting your banking details on invoices and tell customers to phone you to check any details they are given. Consider using a secure payment portal with two-factor authentication (2FA) and protect any PDF documents you send (it’s a myth that PDFs can’t be altered). Tell customers on every email that you will never advise any change of bank details by email. Check with your insurers whether you can get cover for this risk.
  • Customers: Take the same strong anti-hacking measures. Never pay anything without checking bank details direct with the business, either in person or telephonically (don’t use the phone numbers on the emails or invoices, they could easily have been faked as well). Check email addresses carefully – make sure the return address is the same as the sender’s address (some tips on how to do that here), watch for subtle changes like ‘.co.za’ becoming ‘.com’ or vice-versa, and remember that every hyphen, every letter and every number in the email address counts. Use bank-defined beneficiaries for online banking where possible. Be very suspicious of any “we’ve changed our banking details” communications.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“Administrative penalties and criminal proceedings do not serve the same purpose. The [one] is aimed at strengthening internal controls of the administrative authority and to promote compliance while the other is aimed at correcting a behaviour that caused harm to the society.” (Extract from judgment below)

SARS has announced major crackdowns on tax defaulters, and a recent High Court decision highlights the dangers of being caught out for “intentional tax evasion”.

R1.3m prejudice to SARS
  • A close corporation (CC) registered for both income tax and VAT (value added tax) rendered “nil” returns to SARS over a four-year period, indicating that no income had been generated and no expenses incurred.
  • After a tax audit, SARS determined (and the CC admitted) that the returns were false and that SARS had in consequence suffered prejudice of R819,607 on VAT and R493,600 on Income Tax.
  • SARS levied 10% late payment penalties and further imposed a 150% understatement penalty on both Income Tax and VAT. The 150% was imposed for “intentional tax evasion”.
  • Both the CC and the member were then also charged criminally for intentional tax evasion.
Both penalties and prosecution – is that “Double Jeopardy”?

They applied to the High Court for a declaration that the relevant sections of the Tax Administration Act are invalid, arguing that it is inconsistent with the constitution to “criminally punish the taxpayer twice for the same criminal offence of intentional tax evasion.”

Which raised the question of whether or not this was a case of “double jeopardy” – the legal rule that “no one may be punished for the same offence twice.” You cannot, in other words, be repeatedly prosecuted for the same offence.

But, held the Court, “nothing precludes civil administrative proceedings and criminal proceedings from the single act”. Double jeopardy does not apply in a case such as this where “calling the taxpayer to account for the wrongdoing before an administrative body as well as the criminal are two distinct processes”.

In other words, both the CC and the member, having been subjected already to hefty administrative penalties (that 150% understatement penalty must hurt particularly badly!) now face criminal prosecution as well. Criminal records, substantial fines and direct imprisonment are all on the table.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“…cybercrime has increased by over 300% during the COVID-19 pandemic – making it one of the biggest threats to businesses around the globe.” (Property 24 report)

The Cybercrimes Act, which has been years in the making, is now (with effect from 1 December 2021) at last largely in force. Although some provisions still remain on hold (most notably some of those relating specifically to “revenge porn” and the granting of protection orders), a whole range of unlawful cyber-related activity has now been specifically criminalized.

The police have also been given wide powers of investigation, search, access and seizure, and the penalties for contraventions are substantial.

The pandemic-forced shift to a “work from home, shop and communicate online” culture has reportedly seen cybercrime rocketing by 300%. As always our best protection from online criminals is prevention, but for anyone unfortunate enough to fall victim to them at least the new Act now provides us all with a layer of legal protection we haven’t had before – but only if we actually use it and report cybercrime.

The new crime categories

The Act’s provisions are detailed and complex, so this is of necessity just a very brief summary. But for most practical purposes what you need to know is that both individuals and organisations now face prosecution for any –

  • Unlawful access to a “computer system” or “computer data storage medium” (i.e. “hacking”).
  • Unlawful interception of or interference with data, computer programs, data storage mediums and systems.
  • Unlawful acquisition, possession, provision or use of passwords, access codes and the like (PINs, access cards and devices included).
  • Cyber fraud, forgery, extortion and theft.
  • “Malicious communications” (which would by definition include messages sent by email or via Social Media channels, WhatsApp and the like) to the general public, individuals or groups that –
    • Incite damage to property or violence to a person or persons,
    • Threaten a person or persons with damage to property or violence,
    • Disclose a “data message of an intimate image of a person” without that person’s consent, and regardless of whether the victim is identifiable in the image itself or only from a description or other related information. Moreover the image can be “real or simulated”.
A particular warning to Social Media users

Posting or sharing anything prohibited by the Act – perhaps particularly any of the types of “malicious communication” referred to above – could land you in some extremely hot water. Think before you post!

What about “revenge porn”?

As noted above, some of the Act’s provisions relating specifically to “revenge porn” are not yet in effect, but there are already prohibitions against it in other legislation, plus the offences mentioned above relating to disclosure of “intimate images” should at least partially assist victims in the interim.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“7,000 people have already been arrested for not wearing masks and most of them now have criminal records” (Police Minister Bheki Cele in mid-January)

We all know that wearing a face mask is the right and the safe thing to do, but it is also a legal requirement – and it’s one that you really don’t want to breach.

Firstly, can you be arrested for not wearing a mask?

The short answer is yes, the amended Disaster Management Act Regulations providing that –

  • Everyone (except children under six) must always wear a face mask (covering nose as well as mouth!) when in a public place.
  • It is a criminal offence not to comply with a verbal instruction to wear a face mask by an “enforcement officer” (defined to include SAPS and SANDF members, “peace officers” such as magistrates, Justices of the Peace, correctional services officers, municipal law enforcement officers and other designated officials). There are also reports of arrests without such an instruction being given beforehand, and as the police appear to be using their interpretation of the Regulations to conduct these “arrests without warning”, rather be safe than sorry – assume that if you have no mask you risk immediate arrest and prosecution.
  • You are liable on conviction to “a fine or a period of imprisonment not exceeding six months, or to both such fine and imprisonment.”
  • You need not wear a mask while undertaking “vigorous exercise” (not defined in the Regulations but presumably including fast running, cycling and the like – err on the side of caution here) provided that you continually maintain a distance of one and a half meters from any other person.
You could end up with a criminal record, and that’s real trouble

You can of course elect to go to court to fight the charge, but often you will also be given the alternative of paying an “admission of guilt” fine. 

It will be a tempting offer at the time but be careful – paying a fine is one thing but if you end up with a criminal record (an entry in the SAPS Criminal Record Centre database) you will regret it. Imagine for example a scenario where you apply for a job, or a travel visa, or a firearms licence, or for credit (such as a home loan). And suddenly up pops your long-forgotten criminal record, a nasty surprise at the worst possible time.

Plans to change the law so that only some admission of guilt fines will result in a criminal record have so far come to nought. So as the law stands you will end up with a “deemed” conviction and sentence – and thus a record – if you are arrested and your fingerprints are taken. Which is exactly what the Minister says will happen to you.

And once you have a criminal record, it’s not at all easy to get rid of it.

Three ways you can try to remove your criminal record  
  1. Firstly, you can apply for “expungement” of the record to remove it from the CRC database, but that option is only available to you after 10 years and for certain “minor offences”. It will also take a long time to process – “20 – 28 weeks” per SAPS. Note that some specified minor convictions fall away automatically after 10 years – ask for specific advice.
  2. Secondly, you could ask a court to set aside your conviction and sentence – costly, not an immediate fix, and not guaranteed to succeed.
  3. Thirdly, you could hope that planned amendments to our criminal procedure laws will retrospectively come to your aid – speculative for now.

The bottom line – wear your mask, and don’t admit guilt without legal advice!

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

Breaking any of our lockdown laws can be an expensive business, risking heavy penalties. 

If you are accused of a contravention and offered the option of paying an “admission of guilt” fine to avoid a court appearance, beware! It may seem like the easy way out to pay up and put the whole thing behind you but it could land you with a criminal record. 

You really don’t want to have a criminal record!

Having a criminal record comes with serious and lifelong negative consequences. Even an old and long-forgotten minor offence can hang around in the background until it suddenly pops up at the worst possible times – such as when you apply for a travel visa or a new job. 

When are you most at risk? 

The general rule is that you will acquire a criminal record if you are arrested, if the police open a docket and take fingerprints, and if you are thereafter convicted of a crime. 

The problem with admission of guilt fines is that they may well leave you with a “deemed” conviction and sentence which will end up in the CRC (SAPS Criminal Record Centre) database. Although there was talk in the past of the CRC capturing convictions with just your name and I.D. number the main risk seems to still be in having your fingerprints taken.

It’s not easy to get rid of a criminal record

And once you have a criminal record, it’s not easy to get rid of it.  

  1. Firstly, you can apply for “expungement” of the record to remove it from the CRC database, but that option is only available to you after 10 years and for certain “minor offences”. It will also take a long time to process – “20 – 28 weeks” per SAPS. Note that some specified minor convictions fall away automatically after 10 years – ask for specific advice.
  2. Secondly, you could ask a court to set aside your conviction and sentence – costly, not quick and not guaranteed to succeed.
  3. Thirdly, you could hope that planned amendments to our criminal procedure laws will retrospectively come to your aid – speculative and not yet in the pipeline.

The bottom line – if you are offered the option of paying an admission of guilt fine, ask for advice before you accept!

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews