Legal challenges of establishing jurisdiction over cloud data: addressing the gaps in South Africa’s cybercrime legislative framework
Date
2023
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
University of the Witwatersrand, Johannesburg
Abstract
This thesis discusses the problems presented by the emerging technology of cloud computing during cybercrime investigations. One of the main challenges with cloud computing technologies is the lack of clarity on jurisdiction and whether law enforcement agents can exercise unilateral enforcement jurisdiction over remote cloud data. The thesis signifies the challenge by demonstrating how remote access to cloud data can potentially infringe on the sovereignty of foreign states, violate international law, and infringe on people’s privacy rights. The underlying concern with cybercrime investigations in the cloud context is that the current laws are not only territorial, but they are also outdated and lacking the ability to complement and address technological advancements. The central question discussed is whether the jurisdictional principles need to be revised to address innovative technological advancements or if the traditional principles suffice and can continue to be of application. At present, there are diverging views and approaches to dealing with cloud data jurisdiction for criminal investigation purposes. Some scholars, judges and law officers still rely on traditional jurisdictional principles and apply them to cyberspace and cloud environments. They do not see the justification to have separate laws to address activities in cyberspace. However, others advocate for the acclimatisation of new laws to meet the technological changes. Compounding this difference in opinion is the uncertainty in legal frameworks on cybercrime. Such uncertainty has left the topic vacillating between the views of territorialists and those of data exceptionalists. Similarly, South Africa’s position on this issue is unequivocal as various pieces of legislation address the issue of cloud jurisdiction differently. This makes this study of utmost importance.
This thesis argues that law should be developed to address the technological changes presented by cloud computing technologies. Traditional jurisdictional principles which emphasise on geographical territory are not sufficient to address the unique features of cloud data. Pre-internet based jurisdictional principles should not be directly applied in cyberspace or cyber-environments. It is important for law to be developed in a manner which allows it to adequately address technological developments. One way of achieving this is by reformulating jurisdictional principles to conform with the emerging technologies. Apart from law, lawyers and law makers should leverage the use of other regulatory modalities such as code to regulate online conduct. Code can play the role of law which can effectively regulate cyberspaces as well as solve the data jurisdictional problem. This thesis supports the notion of reformulation of jurisdictional principles to address these challenges. In addition, it also points out the importance of reinforcing the current measures in place to address jurisdictional challenges
Description
A thesis submitted in fulfillment of the requirements of a Doctor of Philosophy Degree in Law at the University of the Witwatersrand, Johannesburg, 2023
Keywords
Cybercrime, Cybercrimes Act, Cloud Computing, Extraterritorial Jurisdiction, Search and Seizure, Computer Storage Data, Cloud data, Electronic Evidence, UCTD
Citation
Musoni, Melody. (2023). Legal challenges of establishing jurisdiction over cloud data: addressing the gaps in South Africa’s cybercrime legislative frameworks [Master’s dissertation, University of the Witwatersrand, Johannesburg]. WireDSpace. https://hdl.handle.net/10539/38802