A summary of this committee meeting is not yet available.
JUSTICE AND CONSTITUTIONAL DEVELOPMENT PORTFOLIO COMMITTEE
7 June 2006
REPEAL OF BLACK ADMINISTRATION ACT AND AMENDMENT OF CERTAIN LAWS A/B: ADOPTION; REGULATION OF INTERCEPTION OF COMMUNICATIONS A/B: DELIBERATIONS
Chairperson: Ms F Chohan-Khota (ANC)
Documents handed out:
Repeal of Black Administration Act & Amendment of Certain Laws A/B [B11-2006]
Regulation of Interception of Communications and Provision of Communication-related Information Amendment Bill [B9-2006]
Portfolio Committee Amendments to Repeal of the Black Administration Amendment Bill
Proposed Amendments to Regulation of Interception of Communications and Provision of Communications-related Information Amendment Bill – as of 7 June 2006
Virgin Mobile Amendments to Regulation of Interception of Communications and Provision of Communications-related Information Amendment Bill
The Committee unanimously approved the amendments to the Repeal of Black Administration Act and Amendment of Certain Laws Amendment Bill.
Before considering the latest draft of the Regulation of Interception of Communications and Provision of Communications-related Information Amendment Bill, the Department clarified some of the concerns raised by Members as to possible legal or other difficulties that arose from the unusually prolonged period in passing the legislation.
Certain definitions in Clause 1 were amended and the scope of the definition of ‘family member’ would be narrowed down. Clause 2 amended Section 40 in the principal Act regarding the detail of information to be captured and stored by the mobile telecommunications service provider, and the kind of documentation that could be produced as proof of identity by the customer, including foreigners. It stipulated the process of activation, both for first time customers and subsequent transfer of SIM-cards and cellphones between individuals. Possible options regarding the address of the customer were explored, and the clause required the Minister of Communications to prescribed security standards for the facility the mobile telecommunications service providers would use to store the personal data of the customers.
The Committee proposed the amendment to Clause 3 to target the offence to the individual registration officer in the employ of a telecommunications service provider or any person acting as an agent of a telecommunications service provider, and the provision must also stipulate the number of years imprisonment.
Clause 4 outlined the detailed information of both South African citizens and foreigners that must be captured, stored and verified by the mobile telecommunications service provider, and the kind of documentation that could be furnished as proof of identity. The provision made it clear that the process must be completed within 12 months of the commencement of the Bill. The Department of Communications must be consulted on Clause 5, which required the Minister of Communications to determine the remuneration of registration officers. The impact of the Bill on number portability was briefly considered.
It was not likely that the Committee would pass the Bill within the prescribed time period, and the Department was considering alternative solutions.
Repeal of Black Administration Act and Amendment of Certain Laws A/B
The Chief Director of Legislation in the Department of Justice, Mr Lawrence Bassett, said that after consulting the principals within the Department it had been agreed to extend the deadline for the repeal of the Black Administration Act from 31 July 2007 to 30 September 2007 as discussed in the meeting the day before. This extension was requested due to issues related to the Parliamentary timetable and the processes that the substitute legislation had to go through. He had drafted an amendment that substituted 31July 2007 for 30 September 2007.
Mr Bassett had also drafted a second amendment that gave effect to the Department of Land Affairs’ (DLA) request that the Minister of Land Affairs be given the power to delegate the approval of certain applications in Section 1(8)(e) of the Act to the Director-General of Land Affairs.
The Chairperson thought that 30 September 2007 was a better option but said that nothing prevented the Committee from passing the legislation prior to that date. She reminded the Committee that this was a very complicated area of the law that included substantive constitutional issues. There were also a host of stakeholders such as the traditional leaders and chiefs who currently had the authority to preside over traditional courts. They thus had jurisdiction over such matters and needed to be consulted.
She requested the Department to submit a report by March 2007 that would give the Committee an indication as to how far the Department had gone in terms of preparing for the processing of the legislation. The report should also give the Committee some sense as to planning leading up to the introduction of the legislation. Members would need specific dates by which the legislation would come before Parliament. She hoped that the Committee would still be able to pass the legislation by the 31 May 2007, as the Department had optimistically predicted.
As far as the amendment requested by the DLA was concerned, the Chairperson wondered whether the word ‘categories’ should not be inserted into that provision. It might be possible to delegate certain categories of applications in a manner that was “bureaucratic”, but there were others that the Minister would have to approve herself. The Minister would thus have to have sight of applications in these categories first, before delegating them to the Director-General.
It was agreed that the paragraph would now read,
“(c) The Minister responsible for land affairs may, subject to any condition he or she may determine, in writing delegate the power to approve certain categories of applications contemplated in paragraph (b) to the Director-General: Land Affairs.”
Mr Bassett said that the long title would now read “to amend the Repeal of the Black Administration Act and Amendment of Certain Laws Act 2005 so as to substitute a date to delegate a power and to provide for matters connected therewith”.
Mr Herman Smits (State Law Advisor) pointed out that the Bill did not seek to delegate the power but to provide for the delegation of a power.
The Committee unanimously approved the amendments to the Act.
Regulation of Interception of Communications and Provision of Communications-related Information Amendment Bill
She stated that Adv T Rudman, Department of Justice Deputy Director-General: Legislative and Constitutional Development, would clarify some of the concerns raised by Members as to whether in fact there were legal or other difficulties that arose from the unusually prolonged period in passing the legislation which began as far back as 1992.
Briefing by Department on timeframes in the Bill
Adv Rudman explained, by way of background information, that before 1 February 1993 the interception of communications was regulated by Section 118A of the Post Office Act of 1958. The Interception and Monitoring Prohibition Act of 1992 was placed on the statute book in 1992 and was implemented by the President on 1 February 1993. Section 9 of that Act repealed Section 118A of the Post Office Act of 1958.
The 1992 Act dealt primarily with the provision of interception of fixed line communications, as well as postal matters. The 2002 was placed on the statute books on 30 December 2002, and Section 63 of that Act stipulated that it would come into operation on a date to be fixed by the President by proclamation in the Government Gazette. The 2002 Act regulated the interception of communications which included postal matters and fixed line communications, as was catered for in the 1992 Act, but also regulated Internet-related communications and mobile cellular communications. In terms of Section 63 of the 2002 Act the President determined 30 September 2005 as the date on which the Act, with the exception of Sections 40 and 62, would come into operations. Sections 40 and 62(6) of the 2002 Act were the provisions which the current Bill focused on. It also determined that 30 November 2005 as the date on which Sections 40 and 62(6) would come into operation. That date was later extended to 30 June 2006.
The legal position at this stage was thus as follows: the 1992 Act was still in operation. The whole of the 2002 Act has been put into operation, except for Sections 40 and 62(1)-(6). The entire 2002 Act commenced on 30 September 2005 and Sections 40 and 62(6) would commence on 30 June 2006, unless Parliament decided to extend that date. A date for the commencement of Section 62(1)-(5) still needed to be determined. Section 62(1) of the 2002 Act repealed the 1992 Act, but that Section has not yet come into operation. Thus the 1992 Act still applied.
He concluded the point by stating that the effect of the above mode of implementation was that the 1992 Act still regulated the interception of communications, until it was repealed by the implementation of Section 62(1). The 2002 Act would then become applicable. The rationale behind the model was, very briefly, that the 2002 Act was drafted in such a manner that it deliberately and expressly made provision for an incremental implementation process. That allowed the necessary infrastructure and the directives that gave effect to the provisions of the Act to be put in place. Whilst that infrastructure was being put in place, the 1992 Act still remained in operation.
The infrastructure and directives referred to pertained to the establishment of an interception center, which needed to be established with the capacity to receive communications that were duplicated and routed by the various telecommunication service providers to the interception center. Much progress has been made in putting that infrastructure in place. At the moment that interception center had the capacity to intercept fixed line communications and mobile cellular communications, and was currently in the process of finalizing the installation of equipment that would be able to deal with the interception of Internet-related communication.
Secondly, the various telecommunication service providers also had to reconfigure their communication systems to ensure they would have the capacity to duplicate and route intercepted communications to the interception centre, and that they would be able to store certain kinds of communication. Directives had to be issued by the Minister of Communications to the telecommunications service providers, which determined the manner in which such telecommunications service provider must render a telecommunications service, which had the capability to be intercepted and to store communication-related information.
There were further aspects of the Act that also needed to be finalized within certain timeframes. For example, the Minister of Justice had to a notice in the Government Gazette that prescribed the forms of assistance in the execution of a direction for which a postal service provider, telecommunications service provider or encryption key holder must be compensated. The Minister of Justice also had to issue directives prescribing the manner in which lost, stolen or destroyed cellphones must be reported, and also had to prescribe or declare certain equipment to be listed equipment for the purposes of the Act.
The new Act therefore had to be put into operation to place the Department in a position to deal with all those issues. Yet as he indicated the 1992 Act still applied until Section 62(1) of the 2002 Act was put into operation, which repealed the 1992 Act in its entirety.
He stated that all this was reflected in a press statement released by the Department of Justice when it implemented the Act, on 28 October 2005. The Department was quite happy, from a legal point of view, that the 1992 and 2002 Acts could live together and that interceptions currently be dealt with in terms of the 1992 Act while the Department was in the process of doing the necessary to enable it to fully implement the 2002 Act.
Mr S Robertse, State Law Advisor from the Department of Justice, informed the Committee that the Department had received a submission from Virgin Mobile. Although the specific concerns raised by Virgin Mobile were not included in the document on the summary of submissions dealt with on the previous day's meeting, its concerns were similar to those covered at the previous day's meeting. The submission contained specific technical amendments.
The Chair thanked Mr Robertse for explaining.
Ms I Botha, State Law Advisor from the Department, stated that a draft of the Bill had been prepared and provided to Members, which reflected the proposed amendments from the previous day's discussions which both she and Mr Robertse believed were workable. She stated that they had not yet had time to pass the proposed amendments by their political principals within the Department. She proceeded to take the Committee through the draft document.
Clause 1: Amendment of Section 1 of Act 70 of 2002
Ms Botha stated that the definition of the term 'activate' had now been included to reflect the Chair's proposal that the customer have full access to the telecommunication services network, and that it not only be restricted to emergency and customer care calls.
Ms Botha stated that sub clause (c) was inserted to accommodate the concern raised by Ms S Camerer (DA) on the previous day. It now included a person who was not related to the transferor by law or biologically. She informed the Committee that this provision was not a new invention, as a very similar provision was contained in the Childrens Bill.
The Chair noted that the provision did not refer specifically to dependency but instead to 'a relationship of responsibility', and asked whether that term was not used because the term 'dependency' was already fixed in law.
Ms Botha answered in the affirmative. She explained that 'dependency' referred to a vertical parental relationship and it was felt that © in fact included a horizontal application of the relationship. This would include taking care of someone over which one did not really have parental responsibility, such as an older person or neighbour's father. She was however willing to reconsider the wording, should the Committee so wish.
The Chair stated that her concern was that the phrase “relationship of responsibility' was too wide. She requested Ms Botha to reconsider the phrasing.
The definition was broadened to include a drivers licence, as proposed by the Chair on the previous day.
The Chair asked whether this referred to the drivers license in card-form, or whether it referred to the old form as well.
Ms Botha replied that it referred to the new card-form drivers license, because the old form was no longer valid.
Clause 2: Substitution of Section 40 of Act 70 of 2002
Ms Botha stated that the heading was changed because future amendments could be effected which would then run against the restrictive content of the provision, which referred only to a 'cellular phone and SIM-card'. It thus placed the obligation firmly with the telecommunications service provider to maintain and store that information.
She stated that 40(1)(b) was also amended to ensure that, as proposed by the Chair at the previous meeting, all the information contained in 40(2) must be recorded and stored before the cellphone was switched on. That then created a direct linkage between 40(1) and the detailed information required in 40(2).
The amendment to the proposed Section 40(2)(a) now referred tot he MSISDN number of the customer and not the SIM-card because, as explained previously, the MSISDN was a unique identification number for the specific customer.
The Chair expressed concern with the inclusion of 'customer' in the provision, Her concern was that 'customer' was defined in the Bill as someone who was already receiving a telecommunications service. The proposed Section 40(2) was however a step before that and instructed the telecommunications service provider not to provide any services to a person who had not yet registered and provided the required information. She was of the view that it was thus not correct to refer to a 'customer' in 40(2), and stated that it required further consideration.
Ms Botha agreed with the Chair's concern. The wording could be altered to state “the person who wanted to activate a SIM-card”.
The Chair agreed, as that would prevent any legal problems due to the interpretation of the provision.
Ms Botha explained that 40(2)(c) was amended to clarify that the identification documentation included a passport, as proposed by the Chair on the previous day.
The Chair was concerned that the formulation would not deal adequately with foreigners, because their passports would not necessarily include their identification number as well. The Committee was trying to formulate a “one size fits all” provision, and it must thus be made clear that both local and foreign person must provide their identification numbers.
Both Ms Botha and Mr Smuts were satisfied that the current formulation adequately dealt with the verification of foreigners.
The Chair requested Ms Botha and Mr Robertse to reformulate the provision so as to include her proposal.
Ms Botha continued and informed the Committee that the reference to postal address was deleted from 40(2)(c). The decision was influenced by the SAPS submission which indicated that the postal address would not really assist in identifying or tracking down the person.
The Chair agreed provisionally with the formulation and requested that it be retained as a possible option. She requested the drafting of an alternative formulation which provided for the situation in which the person did not have a residential address but had a business address.
Ms M Meruti (ANC) was concerned that such a formulation would not accommodate persons in the deepest rural areas, who lived on farms, for example.
The Chair assured Ms Meruti that she had already requested Ms Botha and Mr Robertse to draft a provision that accommodated her concern. They have not yet had a chance to include that formulation in the draft currently being discussed. She did however disagree with the proposed deletion in toto of the reference to a postal address in the Bill, until the requested formulation had been drafted.
Ms Botha stated that the information required from foreigners in 40(2)(d) had been bolstered, to give effect to the request in the SAPS submission.
The Chair stated that the concern she raised earlier regarding the provision of the identity number of the foreigner was relevant here as well. She stated that a separate clause dedicated to foreigners might have to be drafted. The matter would be considered further.
Ms Camerer asked how the new proposed Section 40(2)(d) would affect roaming cellphone calls.
The Chair stated that foreigners who entered the country would have to register with the telecommunication service provider, and would not simply be allowed to roam. Its those persons specifically whose details must be captured, so that the LEA's could pinpoint their actual location. That was the biggest loophole at the moment.
Ms Camerer expressed her total disbelief at the fact that roaming would not be allowed in South Africa, when it was common practice throughout the world.
The Chair stated that that was an incorrect perception that people all over the world were allowed to roam, except in South Africa. Every foreigner who entered the country and wanted to use its telecommunications network would have to register at every airport or border post when entering the country. It was a simple process. .
Ms Botha continued by explaining the two options formulated for 40(3). The question was whether the provision should list exhaustively the kinds of documentation that could be provided, or whether a generic provision should be opted for.
The Chair cautioned against too prescriptive a list, as that could result in too restrictive an interpretation of the provision. She ruled that a balance must be struck.
Ms Botha agreed. She stated that 40(4)(c) was now amended to reflect the Committee's proposal that the Minister prescribe the security standards, via regulation. The precise consequences of such prescription would however have to be considered further.
Mr Robertse stated that there might be a time delay.
The Chair disagreed, because a process very similar to that followed for the implementation of the 2002 Act would be followed. The Bill would come into effect and because it stipulated that the Minister 'may' make such determination, she need not have to. She stated that the provision must be included so as to put in place a system for setting standards for the security of information captured because an absence of such a provision, she feared, would result in courts throwing out information because they believed it had not met adequate security standards.
Secondly, the Bill could not require telecommunications service providers to put in place a facility for the storage of the information and then punish them for failing to comply, when the Bill did not even prescribe the standards to be followed in complying. The standards would however be determined over time and on an incremental basis.
Mr Robertse informed the Committee that the Minister of Communications did inf act issue certain directives regarding how a telecommunications service provider must comply with the provisions of the Act, and certain security standards were provided for in those directives. Secondly, certain provisions in the telecommunications service providers' licenses prescribed security standards to safeguard the privacy of their customers. Thirdly, there were certain provisions in the Act which prohibited the telecommunications service providers from disseminating information to another person, as it would constitute a breach of the privacy of the customer. Fourthly, the term 'secure' was a standard industry term which required the person or institution to limit access to the confidential information to a certain category of authorised personnel. He concluded that there were thus security measures already in place.
Ms Botha added that it must be borne in mind that there were other pieces of legislation, whether subordinate or otherwise, that already referred to the security aspect, and where already in place.
The Chair stated that her concern was that, although there were security standards that were currently prescribed, The proposed Section 40(4) referred to the specific facility that would house the personal data of the customers of the telecommunications service provider.
Secondly, the wording of 40(4) was very loose because it did not restrict the designation to specific officials within the telecommunications service provider. She believed that over time the veracity of that information would be questioned by a court when it was submitted as evidence. The legislation must thus provide a mechanism whereby the Minister would be able to inform the telecommunications service providers that the information was not secure or that they were not designating the proper officials etc.
The more immediate problem was that, as she stated earlier, the provision sanctioned the telecommunications service providers without making it clear what the specific standards that they were required to follow were. The criteria would have to be prescribed via regulation, because the Committee did not have enough time at its disposal to decide on the criteria to be followed.
She requested Ms Botha and Mr Robertse to draft a provision to that effect.
Mr Smuts proposed that it stipulate “specifically designated by the telecommunications service provider to implement the process and capture and maintain the data”.
The Chair stated that the telecommunications service provider must be consulted as to whether such wording was satisfactory.
Ms Botha continued by informing the Committee that 40(5) was amended to reflect the Chair’s proposal that both the transferor and recipient of the cellphone or SIM-card would now have to be present before the registration officer. It also required the same kind of detailed information to be supplied as was required in the proposed Section 40(2). The two provisions were thus consistent with each other.
The Chair agreed
She stated that the proposed Section 40(6) gave effect to the Committee’s strong belief that the telecommunications service providers must verify the information received from their customers.
The Chair agreed with the formulation. She invited discussion on 40(5).
Ms Camerer approved of the process stipulated. It would do away with the approach in which the cellphone and SIM-card was first ‘soft de-activated’ when it was transferred to the recipient, who in turn was then required to inform the telecommunications service provider of the change of details.
The Chair approved of the seamless registration process provided for in 40(5), and approved of the legal obligation placed on both parties to appear before the registration officer. It was the best mechanism.
Ms Botha stated by way of background information to the amendments to the proposed Section 40(7), that Section 39 of the principal Act referred to kind of information that a fixed line telecommunications service provider would have to provide to an LEA upon request. It did thus not apply to mobile telecommunications service providers. The proposed Section 40(7) thus referred to Section 39 but also made it applicable to mobile telecommunications service providers.
She stated that the Chair had requested her and Mr Robertse to revisit the requirements of Section 39(3), especially since it was no longer required to keep paper copies of ID documents. A proviso was thus inserted in 40(7) that stipulated the requirement in Section 39 referred to the ID number of the person and not to a copy of their identity document. The result was that the telecommunications service provider, when approached by the LEAs in terms of Section 39, would now be able to provide the ID number secured during the registration process and would no longer have to provide a paper copy of the ID book.
It was thus merely a technical and consequential amendment arising from the fact that the telecommunications service providers no longer maintained a paper trail, as the Bill moved into electronic capturing mechanisms.
The Chair approved of the objectives of the provision, but questioned whether a less awkward wording was not possible.
Ms Botha explained that the proposed wording was commonplace, in essence.
The Chair requested Ms Botha and Mr Robertse to consider a less awkward formulation.
Ms Botha continued by informing the Committee that 40(8) was a new insertion, in response to the question raised as to what the registration officer would have to do should he realise the ID document submitted during the registration process was false. The provision now required him to immediately contact the nearest police station.
The Chair agreed. She proposed that the provision include the provision of a false address, to make it clear to the registration officers that they must report any sort of falsification.
Clause 3: Amendment of Section 15 of Act 70 of 2002
Ms Botha explained that the only amendment here was the insertion of 3C. It now made it an offence for a telecommunications service provider who did not report the provision of false information by a customer, and merely gave effect to the obligation introduced by 40(8).
The Chair stated that the provision must be reworded to refer to the individual registration officer in the employ of a telecommunications service provider or any person acting as an agent of a telecommunications service provider, and not to the telecommunications service provider as a legal persona. The provision must also stipulate the number of years imprisonment.
Clause 4: Amendment of section 62 of Act 70 of 2002
Sections 62(6)(a) and (b)
Ms Botha explained that the proposed 62(6)(a) and (b) stipulated that the telecommunications service provider must secure and store the MSISDN and IMEI number of a South African customer, as well as the full names and applicable address, within 12 months of the commencement of the Bill. It also required the telecommunications service provider to capture and store the country of origin and date of birth of a foreigner who wanted to access a South African telecommunications network.
She stated that 62(6)(c) now reflected the two options requested by the Chair, namely a very prescriptive list of documentation that could be provided as proof of identity, as well as a more generic provision. The former 62(6)(b) was deleted because the cross-references were no longer necessary.
The new 62(6)(d) proposed the deletion of a reference to ‘mobile cellular service’. She stated that she had discussed this with the State Law Advisor and it was agreed that the reference be deleted, because a mobile cellular service was included under a ‘telecommunications service provider’. It was merely a technical amendment. The references to the SIM-card and cellphone particulars was deleted, because the Committee requested that it refer to the detailed information required in 62(6)(b).
Sections 62(6)(e) and (f)
She explained that the new 62(6)(e) was identical to 40(7), and also made reference to Section 39 of the principal Act. The proposed Section 62(6)(f) was a new insertion, identical to 40(8).
The Chair asked whether juristic persons were covered in the provision. The previous legislation made specific provision for juristic persons.
Ms Botha replied that the decision was taken to not include them at this point in time. The reason was that a juristic person would usually be a post-paid customer, and for that reason all that information was already available. Furthermore, a ‘person’ was defined as both a natural and juristic person, and the Chair’s concern was thus covered.
The Chair stated that Ms Botha and Mr Robertse would have to reconsider whether the address requirement for juristic persons must not be tailored to refer only to a business address. The provision dealing with the verification of the information received from a juristic person would possibly have to be expanded to include company letterheads, for example.
Clause 5: Insertion of Section 62A to Act 70 of 2002
Ms Botha stated that the provision was inserted at the instance of the submission presented by one of the mobile telecommunications service providers. They expressed concern that the Competition Act precluded the mobile telecommunications service providers from concluding agreements amongst themselves on the remuneration of registration officers, and requested the Department to deal with it in the Bill.
She stated that the provision attempted to deal with the matter by requiring the Minister of Justice to determine the tariffs.
The Chair disagreed and stated that the Minister of Communications must be responsible for the determination. This provision would first have to be passed by the Department of Communications.
Impact of number portability
Furthermore, the Chair stated that the very important issue of number portability must also be borne in mind, and its impact on this provision.
Ms Botha stated that the Cell C submission proposed the placing of an obligation on the existing mobile telecommunications service provider to transfer the information on its customer to the new mobile telecommunications service provider.
The Chair stated that her concern here was the impact of the transfer on the registration of the MSISDN, especially if it remained the same on whichever mobile telecommunications network it was on. The question then was which mobile telecommunications service provider was required to record and maintain the customer’s information: was it the old mobile telecommunications service provider or the new one being migrated to. Her feeling was that it was the responsibility of the new mobile telecommunications service provider.
Mr Robertse agreed. A further question was how long the mobile telecommunications service providers would be required to store the information on their customers.
The Chair stated that the old paper-based system under the principal Act required the information to be retained by the telecommunications service provider for an indefinite period. She saw no reason why that requirement should be altered, as nothing has changed in the legislative framework as far as that issue was concerned.
Mr Robertse agreed.
Imam Solomon asked whether the customer’s SIM-card would remain the same when migrating from one mobile telecommunications service provider to another.
Mr Robertse replied that he was not sure, and would have to get back to the Committee.
The Chair stated that Ms Botha and Mr Robertse would now consider the proposals made by the Committee during this meeting and incorporate those into a new draft, which would be considered by the Committee on Friday 9 June.
She informed the Committee that it did not seem likely that the Committee would pass the Bill within the prescribed time period. The Committee had also received an additional joint submission from MTN and Vodacom, which it would have to consider. She discussed possibilities regarding timeframes with Adv D Rudman, Department of Justice Deputy Director-General: Legislation and Constitutional Development. The one option was to freeze the proclamation that Section 40 and 62(6) of the principal Act would come into operation on 30 June 2006, even though she remained hopeful that the Bill would be brought to a degree of finalisation before Parliament rose on 23 June 2006. She did not think it possible for the Bill to be passed in the House by that time, and it would then have to be done during the first week of the new session. The other option was to allow those two provisions to kick in, but nothing would happen. The Department was working on alternative solutions.
The meeting was adjourned.