(1)
| (a) |
Subject to paragraph (b), an electronic communication service provider who provides a mobile cellular electronic communications service shall not activate a SIM-card on its electronic communication system unless subsection (2) has been complied with. |
| (b) |
Paragraph (a) does not apply to a customer of an electronic communication service provider who provides a mobile cellular electronic communications service outside the Republic who enters the geographical coverage area of a mobile cellular electronic communication service provider in the Republic and uses the electronic communication system of such provider to make, receive and send voice calls or data or access other services. |
| (2) |
From the date of commencement of this section an electronic communication service provider must, subject to subsection (4), at own cost implement a process to record and store, and must record and store— |
| (a) |
the Mobile Subscriber Integrated Service Digital Network number (MSISDN-number) of the SIM-card that is to be activated by an electronic communication service provider at the request of a person contemplated in paragraphs (b) and (c); |
| (b) |
in the case of a person who— |
| (i) |
is a South African citizen or is lawfully and permanently resident in the Republic, the full names and surname, identity number and at least one address of such person who requests that a SIM-card referred to in subsection (1) be activated on the electronic communication system of an electronic communication service provider; or |
| (ii) |
is not a South African citizen or who is not permanently resident in the Republic, and who requests that a SIM-card referred to in subsection (1) be activated on the electronic communication system of an electronic communication service provider, the full names and surname, identity number and at least one address of such person and the country where the passport was issued; or |
| (c) |
in the case of a juristic person— |
| (i) |
the full names, surname, identity number and an address of the authorised representative of the juristic person; and |
| (ii) |
the name and address of the juristic person and, where applicable, the registration number of the juristic person. |
(3)
| (a) |
For the purposes of subsection (2), an electronic communication service provider must, in the manner provided for in paragraph (b), verify— |
| (i) |
the full names, surname, identity number and identity of the person contemplated in subsection (2)(b) and (c) and, where applicable, the country where the passport was issued; |
| (ii) |
the name and, where applicable, the registration number of the juristic person; |
| (iii) |
in the case of a person contemplated in subsection (2)(b)(i) and (c), the address; and |
| (iv) |
the authority of the representative of a juristic person. |
| (b) |
An electronic communication service provider must verify— |
| (i) |
the information contemplated in paragraph (a)(ii) by means of an identification document; |
| (ii) |
the information contemplated in paragraph (a)(ii) by means of documentation, including a registration document, founding statement, document issued by the South African Revenue Service or any other similar document; |
| (iii) |
the address contemplated in paragraph (a)(iii) by means of documentation, including a bank statement, a municipal rates and taxes invoice, telephone or cellular phone account of not older than three months, or any other utility bill or an account of a retailer of not older than three months, or an existing lease, rental or credit sale agreement, insurance policy, a current television licence or a new motor vehicle licence document; and |
| (iv) |
the authority of the representative of the juristic person by means of a letter of authority or an affidavit. |
(4)
| (a) |
An electronic communication service provider must ensure that— |
| (i) |
the process contemplated in subsection (2); |
| (ii) |
the information recorded and stored in terms of that subsection; and |
| (iii) |
the facility in or on which the information is recorded and stored, |
are secure and only accessible to persons specifically designated by that electronic communication service provider.
| (b) |
The Minister may, in consultation with the Cabinet member responsible for communications, by notice in the Gazette, determine security standards relating to the matters contemplated in paragraph (a). |
| (5) |
From the date of commencement of this section, any customer who sells or in any manner provides an activated SIM-card to a person, other than a family member, and the person who is to receive the SIM-card must, immediately upon the sale or provision of the SIM-card, provide the relevant electronic communication service provider with— |
| (a) |
the full names, surname and identity number of the customer; and |
| (b) |
all particulars as required in subsection (2) in respect of the person who is to receive the SIM-card. |
(6)
| (a) |
An electronic communication service provider must, upon receipt of the information provided in terms of subsection (5)— |
| (i) |
verify the full names, surname, identity number and identity of the persons with reference to the persons' identification documents; |
| (ii) |
verify the address, contemplated in subsection (3)(a)(iii), of the person who is to receive the SIM-card by means of the documents contemplated in subsection (3)(b)(iii); and |
| (iii) |
verify the particulars contemplated in subsection (2)(a). |
| (b) |
An electronic communication service provider must, upon receipt of the information provided in terms of paragraph (a), immediately record and store the information as contemplated in subsection (2). |
(7)
| (a) |
An applicant may, for the purposes of making an application for the issuing of a direction, in writing, request an electronic communication service provider to— |
| (i) |
confirm that the person specified in the request is or was a customer of that electronic communication service provider; and |
| (ii) |
provide the applicant with the information recorded and stored in terms of subsection (2). |
| (b) |
An electronic communication service provider who receives a request referred to in paragraph (a) must immediately comply with that request if the person specified in the request is or was a customer of the electronic communication service provider concerned. |
| (8) |
If an employee or agent of an electronic communication service provider knows or suspects that an identification document submitted for verification as contemplated in subsection (3) is false, he or she must, within 24 hours, report the matter to a police official at any police station. |
| (9) |
An electronic communication service provider must, on its electronic communication system, record and store— |
| (a) |
every MSISDN-number used with every IMEI-number; and |
| (b) |
every IMEI-number used with every MSISDN-number, |
which must, on production of a direction, be provided to an applicant within 12 hours.
| (10) |
The information recorded and stored in terms of subsections (2), (6) and (9) must be stored by an electronic communication service provider for a period of five years after— |
| (a) |
a customer has cancelled his or her contract with the electronic communication service provider; or |
| (b) |
the electronic communication service provider has ended the electronic communications service provided to the customer. |
South African Institute for Drug Free Sport Act, 1997
