TY - JOUR
AU - Reddy,, Eveshnie
AB - ABSTRACT The purpose of this article is to determine the effectiveness of the Cybercrimes Bill of 2018 in investigating and prosecuting cryptocurrency crime. The method used to determine this enquiry is based on the analysis of certain criminal, procedural, and investigatory support provisions of the bill, accompanied by recommendations where necessary. An analysis of the Cybercrimes Bill of 2018 in its entirety falls outside the scope of this article. The significance of this enquiry rests on the increasing use of cryptocurrencies in criminal activity (including money laundering, investment scams, fraud, hacking, and cyber extortion). The investigation and prosecution of such criminal activity may be exacerbated by the unique characteristics inherent in a cryptocurrency; a cryptocurrency is an unregulated, online, encrypted (and thus pseudonymous) ‘currency’ denominated in its own units of value. Cryptocurrencies are thus an international online ‘currency’ with multijurisdictional presence. Any criminal activity associated with its use will therefore invariably possess a cyber-element. Such criminal activity will thus need to be addressed from a legal basis that caters for the criminal and procedural processes necessary in the investigation and subsequent prosecution of such crime. 1. CRIMINAL PROVISIONS (a) Unlawful Acquisition of Data According to the Cybercrimes Bill,1 data ‘means electronic representations of information in any form’,2 whereas ‘data message means data generated, sent, received or stored by electronic means, where any output of the data is in an intelligible form’.3 Cryptocurrencies4 are digital, online currencies that are created over the Internet and represented by an ‘address’ comprising of numbers and alphabets. Although there are many cryptocurrencies currently in circulation, bitcoin (btc)5 is the first and most widely used cryptocurrency. Bitcoin transactions, for example, comprise transaction inputs (TxIn), transaction outputs (TxOut), and cryptographic keys. To ensure the integrity of the transactions, public and private keys are used to transfer value from one person (or entity) to another and must be cryptographically signed each time transactions are made. One private (secret) key and a corresponding public key: the private key can be compared to a password needed to ‘unlock’ cryptocurrency funds whereas the public key (if converted to an address) can be compared to a public email address or bank account number. TxOut contains the recipient’s address (which is actually the public key) and the amount of bitcoin to be sent or spent. There is no physical manifestation of cryptocurrency (like in the case of fiat currency); it exists and manifests solely in digital form. Cryptocurrency thus qualifies as data. Section 3 criminalizes the unlawful acquiring of data and provides that: 3. (1) Any person who unlawfully and intentionally— (a) overcomes any protection measure which is intended to prevent access to data; and (b) acquires data, within or which is transmitted to or from a computer system, is guilty of an offence. (2) Any person who unlawfully and intentionally possesses data, with the knowledge that such data was acquired unlawfully as contemplated in subsection (1), is guilty of an offence. (3) Any person who is found in possession of data, in regard to which there is a reasonable suspicion that such data was acquired unlawfully as contemplated in subsection (1) and who is unable to give a satisfactory exculpatory account of such possession, is guilty of an offence. (4) For purposes of this section, ‘acquire’ means— (a) use; (b) examine or capture data or any output thereof; (c) copy data; (d) move data to— (i) a different location in a computer system in which it is held; or (ii) any other location; or (e) divert data from its intended destination to any other destination Subsection 1(a) and (b) of the above provision aims to criminalize the means in which data can be unlawfully acquired, including hacking, phishing, malicious code, and social engineering tactics. Hacking, for example, serves to gain unauthorized entry into computer systems for the purposes of stealing data. Within the context of cryptocurrencies, hacking serves two purposes. One, to gain access to the private key, which is the password to the wallet in which the cryptocurrencies are stored. Once acquired, the keys are then used to ‘open’ the wallet and steal the cryptocurrency. Two, the hacker could take control of the cryptocurrency mining pool and redirect all of its computing power to mine cryptocurrency for himself or herself. Mining is a technical process carried out by users on the network (miners) in order to ensure that (i) the cryptocurrency must belong to the person who wants to make the transaction and (ii) the cryptocurrency about to be sent was not previously sent (double spending). In addition, the hacker could also use malicious code to infect a specific miner or the system of a company that offers mining software. Malicious code (or malware) is designed to cause damage to a computer or network. It has the objective of bypassing authentication or securing remote access to computers and related devices. Bots or botnets, riskware (which comprises spyware, adware, hacker tools, and ‘joke’), viruses, and worms are types of malicious code.6 In this scenario, the malicious code will ‘look’ for the private keys stored on that particular system. In all the scenarios presented, there is the direct offence of the ‘unlawful acquisition’ of private keys (as stipulated in section 7 of the Cybercrimes Bill). These keys are used to decrypt the wallets in which cryptocurrency is stored, and once decrypted, the cryptocurrency is then stolen. (b) Unlawful Acquisition, Possession, Provision, Receipt or Use of Password, Access Codes, or Similar Data or Devices In addition, to section 3, section 7 of the Cybercrimes Bill, aims to criminalize the unlawful acquisition, possession, provision, receipt or use of password, access codes, or similar data or devices. In particular: 7. (1) Any person who unlawfully and intentionally— (a) acquires; (b) possesses; (c) provides to another person; or (d) uses, a password, an access code or similar data or device for purposes of contravening the provisions of section 2(1), 3(1), 5(1), 6(1), 8 or 9(1), is guilty of an offence (2) Any person who is found in possession of a password, an access code or similar data or device in regard to which there is a reasonable suspicion that such password, access code or similar data or device— (a) was acquired; (b) is possessed; (c) is to be provided to another person; or (d) was used or may be used, for purposes of contravening the provisions of section 2(1), 3(1), 5(1), 6(1), 8 or 9(1), and who is unable to give a satisfactory exculpatory account of such possession, is guilty of an offence. Section 7(3) stipulates that ‘passwords, access codes or similar data or device’ consists, without limitation, of the following (a) a secret code or pin; (b) an image; (c) a security token; (d) an access card; (e) any device; (f) biometric data; or (g) a word or a string of characters or numbers, used for— (i) financial transactions; or (ii) user authentication in order to access or use data, a computer program, a computer data storage medium or a computer system. Provisions (a), (g), (i), and (ii) are of particular significance for the following reasons: Cryptocurrencies are represented by an address comprising a ‘string of characters or numbers’. Cryptocurrencies are transferred through private and public keys, which are in effect a secret code or pin. Cryptocurrencies are used for financial transactions. Online wallets in which cryptocurrencies are stored can only be accessed/open using a secret code or pin (password). The provision is thus wide enough to include all the associated representations of a cryptocurrency. Sections 3 and 7 could therefore be used to successfully prosecute all or any online methods (and invariably include long-established online methods such as hacking, denial of service attacks, and malicious code) used to illegally acquire data, and thus cryptocurrency. In addition and despite that both provisions do not mention the word theft, these provisions could also be used to prosecute the theft of data which is inadequately catered for in section 13(5) of the Cybercrimes Bill.7 (c) Theft of an Incorporeal According to section 13(5), ‘the common law offence of theft must be interpreted so as not to exclude the theft of an incorporeal’. However, the common law offence of theft is currently defined as: A person commits theft if he unlawfully and intentionally appropriates8 moveable, corporeal property which (a) belongs to, and is in the possession of, another; (b) belongs to another but is in the perpetrator’s own possession; or (c) belongs to the perpetrator but is in another’s possession and such other person has a right to possess it which legally prevails against the perpetrator’s own right of possession provided that the intention to appropriate the property includes an intention permanently to deprive the person entitled to the possession of the property, of such property.9 It becomes problematic to reconcile section 13(5) of the Cybercrimes Bill10 with the current common law definition of theft because the above definition of theft does not include ‘incorporeal’ property. The current definition of theft by its very omission of the word incorporeal implies that legally or in principle, an incorporeal, which includes data, cannot be stolen.11 In practice, the opposite holds true as it is now a long established fact that both money and data are capable of being stolen online. Furthermore, despite the limitation (corporeal property), the theft of an incorporeal has been recognized to some extent, albeit unofficially, by South African courts.12 It thus remains to be seen if this provision could be used to prosecute the theft of cryptocurrency. (d) Cyber Fraud Chapter 2, section 8 provides that, ‘Any person who unlawfully and with the intention to defraud, makes a misrepresentation by means of data, causes actual prejudice to another person is guilty of the offence of cyber fraud’. This provision draws on the common law definition of fraud13 with the inclusion of the word ‘data’ and the exclusion of the words ‘potentially prejudice’ (as contained in the common law definition of fraud). Online or cyber fraud takes on many forms and generally uses deceit or trickery to acquire information (data) such as bank account passwords and numbers, identity numbers, or any other personal or valuable information that has the potential to facilitate the end goal of financial gain. Such fraud is perpetrated using ,social engineering tactics such as phishing and scams, malicious insiders, or network intrusions (such as viruses, worms, and other variants of malicious code). Cyber fraud is considered a computer-enabled crime rather than a cyber-dependent crime.14 However, this may not necessarily apply within the context of cryptocurrencies, and perhaps, herein lays the significance of this provision. First, as already alluded to, cryptocurrency, in contrast to fiat currency, exists solely in digital form. There is no physical manifestation of cryptocurrency. Its creation and livelihood is dependent on a computer system and the Internet. This means that any interaction (criminal or otherwise) with cryptocurrencies will therefore be dependent on a computer system. Secondly, the current common law offence of fraud and other relevant statutes15 may prove successful in the prosecution of traditional financial crimes (such as money laundering) committed over the Internet.16 However, such statutes may not be so easy to impute when cryptocurrencies (as opposed to fiat currency—rand, euro, etc.) are involved because cryptocurrency is not legally recognized as money in South African law. In 2014, the South African Reserve Bank issued a position paper on virtual currencies.17 According to the paper, cryptocurrencies are not legal tender nor do they fall within the legal definition of electronic money. The regulatory standards that apply to legal tender (fiat currency) therefore do not apply to cryptocurrencies. This means that cryptocurrencies are currently unregulated and thus exempt from consumer protections laws. Prosecutors and courts may thus grapple to understand its use in the commission of traditional financial crimes like Ponzi schemes (which are essentially investment scams) because such schemes are based on return of investment that is denominated in fiat currency. For example, in the State of Florida v. Espinoza,18 the judge ruled that bitcoin is not money (although it bears some attributes of money). The judge further contended that current statutes within the jurisdiction of Florida do not account for cryptocurrencies but are rather limited to financial instruments in which cryptocurrency could fall under. However, the statutes concerning financial instruments are too vague and thus cannot be imputed to account for cryptocurrencies. In stark contrast, in the United States v. Shavers,19 the court held that cryptocurrency is akin to money (although it does not legally constitute money) and therefore sentenced the accused to 1-year imprisonment for running a Ponzi scheme using cryptocurrency. A similar conclusion was reached in the United States of America v. Ulbricht.20 The defence contended that the accused cannot be charged for money laundering because bitcoin is not legally recognized as money. The judge rejected this argument by affirming that a lack of legal status does not detract from the core of a crime. The provision is based on the ‘misrepresentation by means of data’ and thus not limited to money. As cryptocurrency qualifies as data, and not money in the legal sense, this provision could therefore be used to prosecute any cyber fraud (including Ponzi schemes) that uses cryptocurrency as a tool in the facilitation of the fraud. However, the onus is on prosecutors and the courts at large to interpret this provision in so far as it relates to such offences. (e) ‘Cyber Money Laundering’ None of the criminal provisions in the Cybercrimes Bill21 allude to money-laundering activities that can be facilitated online. Such activities are referred to as ‘cyber’ money laundering22 and have come to take on a variety of forms. Cryptocurrencies, in particular, have become a popular ‘currency’ for laundering illegal proceeds. The criminal use of cryptocurrency in the facilitation of money laundering is perhaps best illustrated in the landmark case, United States of America v. Ulbricht23 in which the accused was sentenced to life imprisonment for money laundering, drug trafficking, and criminal enterprise. All of these crimes were facilitated on a ‘Dark Web’ website known as Silk Road24 and through the cryptocurrency bitcoin. Silk Road was a hidden website on the Internet that served as an international online marketplace that facilitated the sale of an estimated $183 million worth of illegal drugs. Secondly, Silk Road further enabled the anonymity of users by accepting payment only in the cryptocurrency bitcoin. Thirdly, in an effort to further anonymize transactions, Silk Road provided money-laundering services in the form of ‘mixers’ and ‘tumblers’. These services allowed users to transfer their bitcoins into a pool of existing cryptocurrencies thereby ‘mixing’ or ‘tumbling’ the funds and disarranging the transaction addresses of sender and receiver. As a result, ‘users’ ended up with newly generated bitcoin addresses, thereby obfuscating the financial trail and making it more difficult to trace. ‘Cyber money laundering’ remains undefined and thus non-criminalized in South African legislation. This is, however, not an impediment to the prosecution of cyber money laundering because the current definition25 of money laundering is not limited to offline means nor is it limited to money. According to the South African Law Reform Commission, money laundering is ‘the manipulation of illegally acquired wealth in order to obscure its true source or nature’.26 In addition, the POCA and the FICA27 contain definitions of money laundering that are not limited to money. Both pieces of legislation allude to money laundering as the disguising or concealment of proceeds from unlawful activity. According to the POCA, ‘property’ means money or any other movable, immovable, corporeal, or incorporeal thing and includes any rights, privileges, claims, and securities and any interest therein and all proceeds thereof.28 Although the bill does not allude to the crime of ‘cyber’ money laundering, it does create an avenue for the investigation of cases where cryptocurrency (or any other online means or online technology) may be used to launder money. For example chapter 5 of the bill provides guidance for investigators and police officials regarding the investigation of cybercrimes or ‘offences which have a cyber-element’.29 Ultimately, however, the successful investigation and subsequent prosecution of cyber money laundering will be dependent on the use of both cybercrime and existing money laundering legislation. (f) Cyber Extortion Section 10 criminalizes the offence of cyber extortion30and provides that: 10. Any person who unlawfully and intentionally— (a) threatens to commit any offence; or (b) commits any offence, contemplated in sections 3(1), 5(1), 6(1) or 7(1)(a) or (d), for the purpose of— (i) obtaining any advantage from another person; or (ii) compelling another person to perform or to abstain from performing any act, is guilty of the offence of cyber extortion. The provision criminalizes the threat of the commission of an offence and the actual commission of an offence for the purposes of obtaining any advantage from another person. The provision specifies that such threats or actual offences must be perpetrated in terms of the following sections to constitute cyber extortion. For example, section 3(1) aims to criminalize any methods used to unlawfully obtain data; section 5(1) aims to criminalize any method used to unlawfully interfere with data or computer systems; and section 6(1) aims to criminalize the unlawful interference with computer data storage medium or computer systems. In addition, section 7(1) subsections (a) and (d) aims to criminalize any means used to unlawfully acquire data. If any of these means (which in essence constitutes hacking) are used ‘for the purpose of obtaining any advantage from another person’ then such an offence is punishable under this provision and constitutes the offence of cyber extortion. In particular, ransomware features as the most prevalent type of malicious code targeted at cryptocurrencies. Ransomware serves to encrypt computer files and then demand a ransom in bitcoin or any other ‘high’ value cryptocurrency. In 2016, investigative television programme Carte Blanche reported that an unidentified number of South Africans were victims of a ransomware attack that demanded payment in bitcoin worth over a billion South African rands.31 Ransomware thus falls within this provision, as it is an unlawful (and most popular) method of extorting cryptocurrency (or any other ‘advantage’ such as goods, services, property, money, or information) from people or organizations. (g) Computer systems, Programs, and Networks-Related Offences The provisions in sections 4, 5, and 6 pertain to computer systems, programs, and networks. Section 4 criminalizes unlawful acts in respect of software or hardware tools; section 5 criminalizes unlawful interference with data or computer program; and section 6 criminalizes unlawful interference with computer data storage medium or computer system. Within the context of cryptocurrencies, these provisions would appear to be particularly useful in investigating and prosecuting software- and network-specific crimes such as the unlawful manipulation and alteration of open-source software programs. In such programs, only the users that are a part of the program can modify the software, but the modification is dependent on the unanimous agreement of the modification by all users on the network. In order to participate in the cryptocurrency network, one has to first download and install the open-source software that the specific cryptocurrency uses. For example, the cryptocurrency bitcoin uses open-source software known as Bitcoin Core. However, if a single miner or group of miners somehow obtain control of the system, by possessing more than 51 per cent of computing power on a cryptocurrency network, then such miners are free to do the following: Validate the same transaction more than once and thus destroy the order and validity of the blockchain. Prevent the confirmation of another person’s transaction. Multiple spending of the same coins. Thwart attempts of other miners from mining valid blocks. This provision is thus particularly significant in that it can be used to prosecute all of the aforementioned crimes that would (given its ‘network- and software’-related basis) otherwise be difficult to prosecute using existing cybercrime statutes (such as the Electronic Communications and Transactions Act).32 2. PROCEDURAL PROVISIONS AND INVESTIGATORY SUPPORT STRUCTURES (a) Powers to Investigative, Search, and Access or Seize The Criminal Procedure Act33 provides the legal basis for search and seizure procedures, and thus remains the entry point from which all criminal investigations begin.34 However, a limitation of the CPA lays in the absence of the provision for specialized procedures for the retrieving and securing of information from the online realm. Chapter 5 of the bill provides for a wide set of procedural powers specifically for police officials. These provisions are meant to be used in accordance with the procedural provisions as set out in section 35(1) of the CPA. Section 35(1) provides for ‘the forfeiture of any weapon, instrument or other article by means whereof the offence in question was committed or was used in the commission of such offence’.35 In cases where cryptocurrency is used (as either a tool or a target) in the commission of criminal activity, investigative authorities can in terms of section 35(1) of the CPA seize any ‘device’/s that was used to facilitate the crime in question. In addition, the Cybercrimes Bill provides for a set of Standard Operating Procedures specifically for the obtaining and preservation of electronic evidence. Section 39 provides for the expedited preservation of data direction and section 40 provides for the preservation of evidence direction. Section 31(1) provides for technical assistance from electronic service providers, financial institutions, and persons to a police official or investigator to search for, access, and seize an article. The purpose of these provisions is to assist investigators in the timely identification of criminal activities, collection of intelligence and evidence, and the analysis of retrieved evidence. (b) Extraterritorial Jurisdiction and Mutual Assistance and Agreements With Foreign States The Cybercrimes Bill36 provides for expanded jurisdiction, when assessed against existing legislation. Jurisdiction over cybercrimes perpetrated within South Africa, or by its nationals. In addition, section 23 of the Cybercrimes Bill provides for jurisdiction over crimes perpetrated in other countries on condition that those crimes have an ‘effect in the republic’. Cryptocurrencies are an international online currency and thus have a multijurisdictional presence. Crimes associated with cryptocurrencies will thus invariably have an effect in multiple jurisdictions. Extradition is thus an essential tool in the prosecution of cryptocurrency crime (and cybercrime at large). Sharma37 points out: extradition procedures serve not only to ensure that the accused are returned to their native country upon the closing of the trial but also to protect the rights of such persons. This ‘protection’ includes ensuring that there is sufficient evidence to present a prima facie case to warrant the extradition. Furthermore, the accused is protected by the speciality rule, which advocates that the accused can be tried only for the crimes for which he or she was extradited and not any other crime(s). The speciality rule thus limits a court in trying an accused for new or associated crimes linked to the original charge38 that may only emerge post the extradition. In addition, some jurisdictions do not recognize and thus have not criminalized certain cybercrimes. The Budapest Convention on Cybercrime serves as the primary multilateral mechanism for international cooperation on cybercrime.39 South Africa is treaty to the Budapest Convention but has not ratified the convention. Law enforcement must therefore use existing bilateral agreements in cases of dual criminality, which costs more in terms of resources and time, thus staggering cooperation. However, chapter 6 of the Cybercrimes Bill provides for mutual assistance with the investigation of cybercrimes and the preservation of evidence, which apply in addition to chapter 2 of the International Co-operation in Criminal Matters Act, 1996.40 In addition, chapter 12 provides for the creation of a framework to facilitate mutual co-operation between foreign states with respect to the investigation and prosecution of cybercrimes. Given the online and thus multijurisdictional presence of cryptocurrencies, strategic and collaborative efforts by investigative authorities on a global level are crucial in the successful prosecution of the crimes thereof. (c) Obligations of Electronic Communications Service Providers and Financial Institutions Chapter 9 of the Cybercrimes Bill41 makes it mandatory for electronic service providers and financial institutions to preserve any information that may possess evidential value. The bill however does not specify the scope of the definition of ‘financial institution’.42 However, crypto-exchanges (which are an integral part of the cryptocurrency ecosystem), offer a platform for the buying and selling of cryptocurrencies and thus could fall under the definition of ‘financial institution’. Crypto-exchanges could therefore be subject to these provisions. Furthermore, because cryptocurrencies qualify as data, crypto-exchanges could also assume the role of an electronic communication service provider as all transactions are carried out online. Within this context, crypto-exchanges can be viewed as ‘electronic communication service providers’ that facilitate the exchange (communication) of data (transactions) from one entity or person to another. This provision is particularly significant within the context of financial crime because cryptocurrencies are unregulated in South Africa and therefore not subject to the regulatory standards applicable to traditional financial institutions, merchants, remittance service providers, money service businesses (MSBs) and exchanges. Such regulatory standards include Know Your Customer (KYC) and due diligence as prescribed in legislation such as the FICA. These regulatory standards make it mandatory for financial institutions to keep accurate records of all client information, including personal identifiable information. Records containing personal identifiable information are therefore available and accessible to law enforcement, provided that they have the necessary legal authorization to search for and/or seize such information as prescribed in the CPA. This is not the case with cryptocurrencies. For example, the moment a bitcoin transaction enters the ‘real world’—in other words it is used to buy something or convert to fiat currency—then there is an interaction between a bitcoin address and some entity like a merchant or an exchange that knows the identity of the sender. Investigators can then contact that merchant/exchange and ask for the details of the sender. Theoretically, investigators, with the assistance of computer forensic experts, could follow the chain of transactions back all the way to the point where they originated. This provision therefore provides a legal point of entry for investigators in obtaining personal identifiable information that may possess evidential value. (d) Attainment of Requisite Skills Chapter 10, section 54 of the bill places an obligation on the South African government to ensure the following: (2) (a) The Cabinet member responsible for policing must— (i) establish and maintain sufficient human and operational capacity to detect prevent and investigate cybercrimes; (ii) ensure that members of the South African Police Service receive basic training in aspect relating to the detection, prevention and investigation of cybercrimes; and (iii) in cooperation with any institution of higher learning, in the Republic or elsewhere, develop and implement accredited training programs for members of the South African Police Service primarily involved with the detection, prevention and investigation of cybercrimes. Provisions 2 (a) (i) aims to establish an operational capacity to detect and investigate cybercrimes. In particular, experts such as computer or digital forensics experts are central to the detection and investigation of cybercrimes. The process of detecting and retrieving evidence from websites and technological devices is a difficult process that requires requisite information technology (IT) and computer forensic skills. Any error, technical malfunction, prejudicial interference or fabrication made at any stage of an investigation, can impede the evidentiary value of the data collected and consequently render it inadmissible as evidence. The need for the creation of an expert team in the field of digital or computer forensics to assist investigators in the detection and subsequent investigation of cybercrime was acknowledged many years ago. This led to the provision of ‘cyber inspectors’43 as stipulated in the ECT Act, which was promulgated sixteen years ago. However, there is currently a paucity of skilled and competent forensic experts in South Africa. In a 2017 submission on the Cybercrimes Bill to the South African Portfolio Committee on Justice and Correctional Services, forensic expert Jason Jordaan highlights that based on research on the quality assurance of digital forensics in South Africa, currently: Only 59 per cent of forensic practitioners have completed an undergraduate degree or diploma, of which only 43 per cent had an undergraduate qualification relevant to the practice of digital/computer forensics; At a bachelor’s degree level, only 0.09 percent of practitioners have a Bachelor of Science degree in Computer Science, which is one of the specific qualifications recommended for digital forensic and; Only 23 per cent of digital/computer practitioners have a relevant post-graduate qualification.44 The aforementioned concerns will have to be fully resolved in order for the bill to provide for a competent and skilled operational capacity to detect and investigate cybercrime. As exemplified by the head of the Electronic Crime Unit of South African investigative body, the Hawks, “the Cybercrimes Bill is not a ‘silver bullet’; we still lack the skills to catch cyber criminals.”45 Provision 2 (a) (iii) aims develop bespoke training programs for investigators. Due to the direct involvement of investigators in cybercrime cases, it is imperative that investigators have a basic understanding of computer/digital forensics. Within this context, guidance should be sought from skilled and established investigative authorities such as the Federal Bureau of Investigations (FBI), Interpol and the European Police Office (Europol). Such authorities collaborate on a consistent basis to discuss cybercrime investigation and prevention. Once such example is the Cryptocurrency Investigation Training course that was spearheaded by these authorities. Participants from over twenty-two countries attended the course. The course focused on bitcoin investigations, collaborative international casework, and avenues for obtaining information, thus providing participants with a new skill set. (e) The Creation of a Knowledge Base for All Criminal Justice Role Players The bill provides for the establishment of a Designated Point of Contact for the purposes of providing technical and legal assistance. The Point of Contact should however also be used to bring together all role-players in the criminal justice system (investigators, prosecutors, judges, and front office police officers) for the purpose of creating a knowledge base on cryptocurrency. This knowledge base should include a good understanding of the ways cryptocurrency can be used in the facilitation of criminal activity. The role of front office police officers cannot be overlooked within this context. The police are the first point of entry when a crime is reported. It is therefore essential that all police officers are educated on the basics of cryptocurrency to accurately document the nature of the crime reported and facilitate the subsequent investigative processes to be followed. The Designated Point of Contact could also serve to create and establish a national working group on cryptocurrency (and perhaps any contemporary criminal phenomenon). This would provide key role-players in the cryptocurrency ecosystem (software engineers, exchange companies, wallet providers, and computer-science practitioners), academics, investigators, and prosecutors with a platform to engage on cryptocurrency matters within the context of investigation and crime prevention. 3. CONCLUSION The provisions in the Cybercrimes Bill of 2018 can be used to effectively investigate and successfully prosecute crimes facilitated by or targeted at cryptocurrencies (and other emerging online technologies) but may be hampered by a lack of understanding by investigators and prosecutors. However, the bill does not recognize and thus does not aim to criminalize any online means in which money or proceeds from illegal activity may be laundered, and therein lays a limitation of the bill. Within this context, existing common and statutory law that criminalizes money laundering must be relied on. Although the bill serves an adequate basis for the investigation and prosecution of cryptocurrency crime (and cybercrime in general), the full potential of the bill can be realized only if the provisions of the bill are well understood. It is therefore submitted that the current focus should be on relevant skills acquisition for investigators; the attainment of a knowledge base for all criminal justice role-players (front police officials, prosecutors, and judges); and the creation of national and global partnerships to facilitate investigative, extradition, and prosecutorial processes. Footnotes 1 The Cybercrimes Bill B6-2018. 2 Chapter 1, section 50 of the Cybercrimes Bill B6-2018. Hereinafter also referred to as ‘the bill’. 3 Ibid. On this note, Swales pointed out the disparity within the definitions of data message contained in the Electronic Communications Act 25 of 2002 and the Cybercrimes Bill B6-2018. See L Swales ‘An Analysis of the Regulatory Environment Governing Hearsay Electronic Evidence in South Africa: Suggestions for Reform—Part One’ (2018) 21 PER/PELJ 4–5. 4 For more information on the technical underpinnings of bitcoin and other cryptocurrencies, see A Narayanan, J Bonneau, E Felton, A Miller and S Goldfeder Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction (New Jersey: Princeton University Press, 2016). 5 See S Nakamoto ‘A Peer-to-Peer Electronic Cash System’ (2008) https://bitcoin.org/bitcoin.pdf (12 November 2018). See also https://coinmarketcap.com/ for a list of all the cryptocurrencies in circulation and its respective market value. 6 CC Elisan Malware, Rootkits and Botnets: A Beginner’s Guide (New York: McGraw Hill, 2013). 7 Section 13(5) of the Cybercrimes and Bill B6-2018. 8 Note that this is the revised definition of theft—the word contrectatio has been replaced with ‘appropriation’. For a justification on this, see CR Snyman Criminal Law (6th edn LexisNexis South Africa 2014) 487. 9 Criminal Law, above n 8, 483. 10 Chapter 2, section 13(5) of the Cybercrimes Bill B6-2018. 11 See MN Njotini ‘Re-Positioning the Law of Theft in View of Recent Developments in ICTS—The Case of South Africa’ (2016) 19 PER/PELJ. 12 See S v. Graham [1975] (3) SA 569 (A) and S v. Harper and another [1981] (2) SA 638 (D). More recently, see S v. Ndebele [2012] 1 SACR 245 (GSJ). 13 Defined by Snyman as ‘the unlawful and intentional making of a misrepresentation which causes actual prejudice or which is potentially prejudicial to another’. Criminal Law, above n 8, 528. 14 S Mabunda ‘Is It Cyberfraud or Good Ol’ Offline Fraud? A Look at Section 8 of the South African Cybercrimes Bill’ (2018) JACL 2, 61. 15 Such as the Prevention of Organised Crime Act (POCA) 121 of 1998, the Prevention and Combating of Corrupt Activities Act 2004 (PRECCA), and the Financial Intelligence Centre Act (FICA) 1 of 2018. 16 S Snail ‘Cyber Crime in South Africa—Hacking, cracking, and Other Unlawful Online Activities’ (2009) JILT 7. 17 South African Reserve Bank ‘Position Paper on Virtual Currencies’ (2014) https://www.resbank.co.za/RegulationAndSupervision/NationalPaymentSystem(NPS)/Legal/Documents/Position%20Paper/Virtual%20Currencies%20Position%20Paper%20%20Final_02of2014.pdf (12 November 2018). 18 11th Judicial Circuit Court, 2016 (No. F14-2923). 19 US District Court, Southern District of New York, 2016 (No 15-cr-00157). 20 2nd United States Circuit Court of Appeals, 2017 (15) US 1815. 21 The Cybercrimes Bill B6-2018. 22 See J Joosten Combating Cyber Money Laundering: Selected Jurisdictional Issues (LLM thesis University of Western Cape 2010). 23 United States of America v. Ulbricht, above n 20. 24 See N Christin ‘Travelling the Silk Road: A Measurement Analysis of a Large Anonymous Online Marketplace’ (Working Paper Carnegie Mellon University 2013). 25 On this note, Van Jaarsveld argues that, ‘a purely functional definition money laundering should describe money laundering as any type of conduct aimed at concealing the nexus that exists between money and a criminal activity’. See IL Van Jaarsveld Aspects of Money Laundering in South African Law (LLD thesis University of South Africa 2011) 158. 26 The South African Law Commission Project 104 ‘Money Laundering and Related Matters Report’ (August 1996). 27 Section 1 of the Financial Intelligence Centre Act of 2018. 28 Section 1 of the POCA 121 of 1998. 29 Chapter 5, section 40 of the Cybercrimes Bill B6-2018. 30 See S Mabunda ‘Cyber Extortion, Ransomware and the South African Cybercrimes and Cybersecurity Bill’ (2018) Statute Law Review 9. doi:10.1093/slr/hmx028 31 Carte Blanche ‘Ransomware’ (22 October 2015) http://carteblanche.dstv.com/player/916354/ (12 May 2018). 32 Electronic Communications and Transactions Act 25 of 2002. Hereinafter referred to as the ECT Act. 33 Criminal Procedure Act 51 of 1977. Hereinafter referred to as the CPA. 34 V Basdeo ‘The Constitutional Validity of Search and Seizure Powers in South African Criminal Procedure’ (2009) 19 PER/PELJ 308; J Burchell and J Milton Principles of Criminal Law (3rd edn Juta and Company Ltd. Lansdowne 2005) 1004. 35 Section 35 (1) of the CPA. 36 Section 23 of the Cybercrimes Bill B6-2018. 37 V Sharma Information Technology: Law and Practice, Law and Emerging Technology, Cyber-Law and Ecommerce (3rd edn Universal Law Publishing Co. Pvt. Ltd. Delhi 2011) 359. 38 See also Whitehead v. The State [2007] SCA 171 (RSA) at [42]. 39 K Kittichaisaree Public International Law of Cyberspace (Switzerland: Springer, 2018) 26. See article 22 of the Budapest Convention on Cybercrime. See also J Clough ‘A World of Difference: The Budapest Convention on Cybercrime and the Challenges of Harmonisation’ (2014) 40 Monash University Law Review 698–736. 40 Chapter 6, section 44 (25) of the Cybercrimes Bill B6-2018. 41 Chapter 9 of the Cybercrimes Bill B6-2018. 42 According to the Cybercrimes Bill B6-2018, ‘financial institution’ means a financial institution as defined in section 1 of the Financial Services Board Act 1990 (97 of 1990). 43 Chapter XII of the Electronic Communications and Transactions Act 25 of 2002. 44 J Jordaan, `Submissions on the Cybercrimes and Cybersecurity Bill’ available at pmg.org.za/files/170913DFIRLABS.pdf (10 August 2017). (2 February 2019). 45 Brigadier Piet Pieterse, Head of the Electronic Crime Unit of the Hawks, made this statement in 2015. See S Naik & R Serumula ‘Dark Web thriving in SA’ (17 October 2015) https://www.iol.co.za/news/south- africa/dark-web-thriving-in-sa-1931641 (3 May 2017). In addition, Pieterse advised, “Unlike the FBI, we can’t go into the Dark Web and pose as buyers or seller of drugs, for example, to catch the criminals. We work with intelligence we gather.” However, a 2018 news article reported that according to current police commissioner, General Khehla Sitole, police are currently working to catch drug criminals that operate online. This indicates that perhaps some progress is being made within a skills attainment context. See A Hyman ‘SA will police the dark web to catch organised criminals, says commissioner’ https://www.businesslive.co.za/bd/national/2018-02-13-sa-will-police-the-dark-web-to-catch-organised-criminals-says-commissioner/ ( 2 August 2018). © The Author(s) 2019. Published by Oxford University Press. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com. This article is published and distributed under the terms of the Oxford University Press, Standard Journals Publication Model (https://academic.oup.com/journals/pages/open_access/funder_policies/chorus/standard_publication_model)
TI - Analysing the Investigation and Prosecution of Cryptocurrency Crime as Provided for by the South African Cybercrimes Bill
JF - Statute Law Review
DO - 10.1093/slr/hmz001
DA - 2019-03-05
UR - https://www.deepdyve.com/lp/oxford-university-press/analysing-the-investigation-and-prosecution-of-cryptocurrency-crime-as-SLYRfoBpcB
SP - 1
VL - Advance Article
IS - 
DP - DeepDyve
ER -