The Cyber Crimes Bill is inching closer to becoming law, as it was passed by the National Assembly in November 2018. In an ITWeb analysis, Corien Vermaak, cyber security specialist at Cisco, notes that the initial draft Bill was not well received, with critics saying it was too broad and open to abuse, and was a threat to the fundamental spirit of the Internet, which is open and democratic. ‘Subsequent changes to the Bill, including the removal of some of the security obligations, saw it drop the “security” part of the originally named Cyber Crimes and Cyber Security Bill. This leaves it to focus on building the computer crimes landscape. She says historically, SA relied on a light definition of computer crime encapsulated in the Electronic Communications and Transactions Act. Comparing SA to its international counterparts, Vermaak says ‘we are very late to adopt legislation; in the UK, computer crime was maturely criminalised in the 90s. The Budapest convention was signed in November 2001 and the African Union accepted model legislation in this regard in 2012 already’.