Commentary on the Cybercrime and Cybersecurity Bill Definitions of Terms Part II Following the brief 2017 year end break, we return with this fourth instalment of the commentary series on the draft Cybercrime and Cybersecurity Bill. As a follow up to the Third instalment that focussed on the Definition of Terms for Computer Device and Remote Forensic Tool, this edition examines the definition of the term Computer Data Storage Medium. This edition highlights how the wide definition of the term in the current draft bill may lead to the violation of fundamental human rights such as the right to privacy. Computer Data Storage Medium Computer data storage medium is defined in Section 3 of the draft Bill that contains a host of other terms used throughout the Bill. It is defined as: “Any device or location from which data is capable of being reproduced or on which data1 is capable of being stored, by a computer device, irrespective of whether the device is physically attached to or connected with the computer device.” Simply put, any device that can either produce data, or be used to store data is considered a computer data storage medium. This wide definition includes traditional data storage devices such as external hard drives, but most importantly, it is broad enough to also include cellphones. 1 Data is defined in section 3 of the Bill as “any representation of facts, concepts, information, whether in text, audio, video, images, machine-readable code or instructions, in a form suitable for communications, interpretation or processing in a computer device, computer system, database, electronic communications network or related devices and includes a computer programme and traffic data.” 1