Op-ed | New ‘spy bill’: Will businesses be next to face state security vetting?

This piece by Heidi Swart was first published by News24.

An amended version of the so-called ‘spy bill’ – which previously sparked an outcry over fears that NGOs and churches could face a security crackdown – comes no closer to adequately addressing the concerns raised by the Financial Action Task Force when SA was greylisted.  Instead, its vagueness now opens the door for businesses ranging from accountants to lawyers, real estate agents and dealers in precious metals to face mandatory state security vetting – with potentially devastating consequences. 

Business operators and their employees could soon face security clearance requirements at the discretion of the South African state intelligence services. That’s if parliament passes the new General Intelligence Laws Amendment Bill. The so-called ‘spy bill’ was introduced in the national assembly on Friday, 17 November this year, and legislators on Wednesday (21 November) resolved to pass it into law before Parliament dissolves in May next year.

Security vetting is an invasive process that gives the state’s intelligence services access to any personal information they deem relevant in order to establish if a person can be trusted with classified material. “Relevant” data can include financial and medical records, as well as the interception of electronic communications. One can also be submitted to a polygraph test. All of this is perfectly legal in terms of the amended National Strategic Intelligence Act.

Although the bill isn’t clear on the consequences of failing to gain security clearance, an organisation or individual will, presumably, no longer be allowed to continue their operations within the country under such circumstances. It’s unclear how this will affect operations.

Undemocratic practice

In established democracies, such as the United States and Britain, vetting and the requirement for security clearance are reserved for government employees and contractors who have access to sensitive state information and systems during the course of their work. If security clearance isn’t granted, that person can no longer work in a sensitive position.

However, in terms of the spy bill, vetting will essentially be employed as a criminal investigative mechanism targeting financial crimes. According to the Minister in the Presidency responsible for State Security, Khumbudzo Ntshavheni, the new vetting requirements are a response to South Africa’s greylisting by the global Financial Action Task Force (FATF), a body related to the International Monetary Fund tasked with setting international standards to prevent money laundering and terrorism financing.

By February this year, South Africa had missed its deadline to make all the necessary policy changes to avoid the dreaded list. The explanatory memorandum to the spy bill reiterates the minister’s claims that the new security vetting provisions are a response to said greylisting.

However, unlike fraud investigations conducted by the police or the Financial Intelligence Centre, vetting investigations are not subject to the scrutiny of the courts, and can be carried out in secret since the state is able to classify any information regarding such vetting on the grounds of national security. In terms of the 1982 Protection of Information Act, leaking sensitive state information is punishable by up to 20 years in prison. Thus, if one’s security clearance isn’t granted, it may not be legally possible to establish why.

Any ‘person’ or ‘institution’

While the spy bill itself doesn’t make explicit who will be targeted for vetting, the FATF found specifically that so-called Designated Non-Financial Businesses and Professions (DNFBPs) in South Africa required “improved risk-based supervision”.

According to the National Treasury, FATF also called for supervisors to apply “effective, proportionate, and effective sanctions for noncompliance” (sic) with regards to measures aimed at preventing laundering and terrorism financing.

DNFBPs businesses include:

• Casinos;
• Real estate agents;
• Dealers in precious metals;
• Dealers in precious stones;
• Lawyers, notaries, other independent legal professionals and accountants; and
• Trust and company service providers.

Originally, the spy bill called explicitly for state security vetting of persons seeking to establish or operate nongovernmental organisations or religious institutions. This elicited widespread criticism from the civil society and religious sectors. This first version of the bill was then revised and the specific references to NGOs and churches were removed in the new iteration. It is unclear which legitimate law-making procedures (if any) were employed to draft this new version of the bill.

But now, the state can target for vetting any “person” or “institution” which it considers “of national security interest”. This includes a person or institution that engages in activities “inconsistent with the principles set out in section 198 of the Constitution”, including activities that are a “threat to national security”.

Such a “threat to national security” is defined by the bill as “any action or omission which may potentially cause damage, harm or loss to the national security”. Section 198 doesn’t add much specificity; it broadly spells out the four governing principles of national security in the Republic. In summary, these include that national security should reflect South Africans’ resolve to live in peace and harmony, and that national security measures should comply with the law and be subject to Parliament and the national executive’s authority. The only thing which section 198 specifically prohibits is extralegal armed conflict.

“National security” also gets a new definition in the spy bill. It constitutes the state’s “capabilities, measures and activities” to “pursue or advance”, in- or outside of South Africa, “any threat, potential threat, any opportunity, any potential opportunity or the security of the Republic and its people”. This, again, is governed by the general principles of Section 198 of the Constitution.

Devastating consequences

In the past, security vetting has been used by the State Security Agency to stifle legitimate processes. For instance, in 2018, former Inspector-General of Intelligence, Setlhomamaru Dintwe, asked the court to have his security clearance reinstated after the then SSA Director-General Arthur Fraser allegedly revoked it. At the time, Dintwe was investigating complaints into Fraser’s alleged involvement in the so-called parallel agent network.

Right now, the State Security Agency is housed within the Presidency. This was a move by President Cyril Ramaphosa aimed at rectifying the slew of issues emerging from the Judicial Commission into State Capture as well as a 2018 High-Level Review Panel investigation into the affairs of the SSA. Problems that needed to be addressed included misexpenditures of secret funding, the repurposing of the SSA to serve political purposes, and a parallel vetting structure aimed at speedily ushering certain individuals towards security clearance.

Yet, instead of adequately addressing these pressing problems, the spy bill potentially gives the Presidency the power to shut down or interfere with any organisation or business it deems fit (with no questions asked), thus risking devastating consequences for the free market and South Africa’s international trade reputation.

Heidi Swart is the research and journalism coordinator for Intelwatch, a nonprofit organisation based in South Africa and dedicated to strengthening public oversight of state and private intelligence actors in Africa and around the world.