Original Research

Exploring the impact of cloud computing on existing South African regulatory frameworks

Mpho Mohlameane, Nkqubela Ruxwana
SA Journal of Information Management | Vol 22, No 1 | a1132 | DOI: https://doi.org/10.4102/sajim.v22i1.1132 | © 2020 Mpho Mohlameane, Nkqubela Ruxwana | This work is licensed under CC Attribution 4.0
Submitted: 22 July 2019 | Published: 11 August 2020

About the author(s)

Mpho Mohlameane, Research Department, Da Vinci Institute for Technology Management, Modderfontein, South Africa
Nkqubela Ruxwana, Cybersecurity Research Centre, Defence and Security, Council for Scientific and Industrial Research, Brummeria, Pretoria, South Africa; and Informatics Department, Faculty of Information and Communication Technology, Tshwane University of Technology, Pretoria, South Africa

Share this article

Bookmark and Share


Background: The use of cloud computing services raises policy and regulatory challenges globally, more specifically on data security and privacy, amongst other issues. There is a concern on whether South African information and communications technology (ICT) policies and regulatory frameworks are sufficient to address emerging cloud computing regulatory challenges. Therefore, this necessitates a review to determine the extent to which existing regulatory frameworks are applicable to cloud computing and the challenges thereof.

Objectives: The study determines the impact of cloud computing on existing South African ICT policies and regulatory frameworks and ascertains whether they are sufficient to address challenges regarding the use of cloud computing services.

Method: The study followed an interpretivism philosophical stance. A multi-method qualitative research approach was employed and a thematic analysis was applied in which the data was collected through interviews, questionnaires and document analysis.

Results: The existing policies and regulatory frameworks as applicable to computing are playing ‘catch-up’ where technology has a footprint. Moreover, some existing policies use a blanket approach and are not specific to the subject matter. As a result, there is a need for policies that are future-proof and specific to the subject matter.

Conclusion: The emergence of cloud computing has exposed the existing ICT policies and regulatory laws as being inadequate to address cloud computing developments, complexities and challenges, especially challenges related to public confidence regarding the use of cloud computing services and cloud competitiveness.


cloud computing; policy; law; regulation; cloud computing regulatory; South African cloud regulatory framework.


Total abstract views: 1088
Total article views: 1254

Crossref Citations

No related citations found.