(Debate in Parliament)
A debate on relevant science and innovation strategies for creating a safe cyber environment that protects the nation and the economy is a kind of Utopian longing for a mechanism that covers everything that is good, right and virtuous. It appears to be almost as simple as saying: "We want tomatoes in the winter when there is frost. Science and innovation must achieve this."
This issue is, however, much more complex. What exactly is the so-called nation and economy that must be protected? What is meant by nation – the country's citizens or the country's government? In European countries, for example, there is legislation protecting the citizens against the government, but in China it is the other way around.
Maybe the state should look into private, encrypted currencies. It could very soon transform the idea of paying tax from a compulsory payment to a voluntary contribution. Citizens may find the idea thrilling, but must keep in mind that traffickers of weapons and drugs may like it even more.
The real question is what do people fear the most? Other countries? Hostile fellow citizens? Powerful corporations? An influential government? Some or other mythical creature that may take control of all of us through our cell phones? Surprisingly enough, not one of these possibilities is entirely ridiculous.
If the government strives to create cyber security, it must distinguish between external and internal threats. Just as the defence force and police service have different functions, there are different functions when it comes to cyber security as well.
Cyber-attacks, in contrast to ordinary attacks, happen so fast that there is no time to react. Thus, the focus must be on prevention. And in the case of a successful attack, exactly which data was compromised must be determined. The consequences of the attack can only be mitigated once the authorities and citizens know this.
Domestically, just like citizens have protection against police abuses, there must be laws that protect citizens' cyber rights against the state. That is the objective of the European "Global Data Protection Rights" or GDPR. It provides the assurance that the state will act in the best interest of citizens – and may be taken to court if that is not the case.
This topic becomes even more complex when one realises that with the "Internet of Things" every light bulb, geyser, fridge and coffee machine as well as every lathe, power saw and lift joins our computers, radios, cell phones and vehicles in the cyber environment.
So, before we even start striving to achieve this ideal, we must determine who citizens are most suspicious of. In South Africa, it is most probably the state. The state not only has a bad reputation for intruding into citizens' private spaces, but its incompetence is also growing.
The reality is that regardless of what Parliament debates or decides, all corporative and private citizens must act as if their cyber security is solely their own responsibility.
At the same time, one can only hope that the state will ensure its own security effectively, that it will protect its people and leave law-abiding citizens in peace.