Priya Chetty, regional director and tech law adviser, Endcode.

There is a growing need among nation states, including SA, to ensure there is adequate consideration of human rights in cyber security policy and legislative proposals.

This is according to Priya Chetty, regional director and tech law advisor for Endcode, speaking at a roundtable briefing in Johannesburg yesterday.

Globally, reflections on cyber security policy and legal approaches reflect a bias toward national security interests, she notes. Access to information and privacy are examples of human rights that can be limited when the priority is national security, adds Chetty.

"It is a particularly relevant conversation in SA, given that we have our Cyber Crimes and Cyber Security Bill before Parliament, and research points to several concerns over limitations on access to information, privacy and freedom of speech rights of South Africans in the current draft of the Bill."

The Bill aims to give SA a co-ordinated approach to cyber security.

It has come under significant criticism from local and international organisations on the extent to which human rights are adversely impacted, she notes.

Chetty points out while the 2017 Bill reflects that a number of concerns raised by civil society groups have been accounted for, there remain a number of concerns. Freedom of speech advocates note broad provisions on what constitutes hate speech and harm in the Bill place undue limitations on freedom of speech, she adds. "Privacy advocates are concerned with the powers of search and seizure afforded to law enforcement."

Chetty believes cyber security policy and laws must incorporate human rights safeguards. The laws and policies must be in line with the basic constitutional rights enjoyed by the South African citizens and not biased towards national security, she says.

"We need to emphasise the need for safeguards for human rights. One of the main issues raised with the Cyber Crime Bill is that more emphasis is put on national security and not enough on civilians' rights."

Chetty says policy-makers need to realise cyber security and human rights are not diametrically opposed but are actually complementary. Recognising that individual security is at the core of cyber security means protection for human rights should be at the centre of cyber security policy development, notes Endcode.

"The question before policy-makers and legislators globally is how do we strike a balance between safeguarding fundamental rights and freedoms while we pursue national security safeguards? Furthermore, when are the limitations on human rights excessive in the context of international and national doctrines of human rights?" says Chetty.

She points out South Africans need to have a conversation where cyber security becomes not just a national security issue but human rights as well. "As South Africans, we should be particularly cognisant of the hard won rights in our Constitution and that defending human rights is the responsibility of all citizens including cyber security stakeholders."