Cybercrimes Act, 2020 (Act No. 19 of 2020)Chapter 4 : Powers to Investigate, Search, Access or Seize37. Wrongful search, access or seizure and restriction on use of instrument, device, password or decryption key or information to gain access |
(1) | A police official or an investigator who unlawfully and intentionally— |
(a) | acts contrary to the authority of— |
(i) | a search warrant issued under section 29(1); or |
(ii) | consent granted in terms of section 31(1); or |
(b) | without being authorised thereto under this Chapter or the provision of any other law which affords similar powers to a police official or an investigator— |
(i) | searches for, accesses or seizes data, a computer program, a computer data storage medium or any part of a computer system; or |
(ii) | obtains or uses any instrument, device, password, decryption key or other information that is necessary to access data, a computer program, a computer data storage medium or any part of a computer system, |
is guilty of an offence.
(2) |
(a) | Apolice official or an investigator who obtains or uses any instrument, device, equipment, password, decryption key, data or other information contemplated in section 29(2)(h)— |
(i) | must use the instrument, device, equipment, password, decryption key, data or information only in respect of and to the extent specified in the warrant to gain access to or use data, a computer program, a computer data storage medium or any part of a computer system in the manner and for the purposes specified in the search warrant concerned; and |
(ii) | must destroy all passwords, decryption keys, data or other information if— |
(aa) | it is not required by a person who may lawfully possess the passwords, decryption keys, data or other information; |
(bb) | it will not be required for purposes of any criminal proceedings or civil proceedings contemplated in Chapter 5 or 6 of the Prevention of Organised Crime Act, 1998, or for purposes of evidence or for purposes of an order of court; or |
(cc) | no criminal proceedings or civil proceedings as contemplated in Chapter 5 or 6 of the Prevention of Organised Crime Act, 1998, are to be instituted in connection with such information. |
(b) | A police official or an investigator who unlawfully and intentionally— |
(i) | uses any instrument, device, equipment, password, decryption key, data or information outside the authorisation of a warrant as contemplated in paragraph (a)(i); or |
(ii) | fails to destroy all passwords, decryption keys, data or other information as contemplated in paragraph (a)(ii), |
is guilty of an offence.
(3) | A police official or an investigator who contravenes or fails to comply with subsection (1) or (2), is liable on conviction to a fine or imprisonment for a period not exceeding 2 years or to both a fine and such imprisonment. |
(4) | Where a police official or an investigator is convicted of an offence referred to in subsection (1) or (2), the court convicting such a person may, upon application of any person who has suffered damage or upon the application of the prosecutor acting on the instructions of that person, award compensation in respect of such damage, whereupon the provisions of section 300 of the Criminal Procedure Act, 1977, shall apply with the necessary changes required by the context to such award. |