The United States Embassy in Zambia has raised alarm over the country’s newly enacted cybercrime law, which grants authorities sweeping powers to intercept and monitor electronic communications. The advisory issued by the United States Embassy notes that the new Zambian cybercrime law enforces the monitoring of phone calls, emails, text messages, and streamed content, to determine whether they contain what the law describes as “critical information.”
As this new law introduces an intrusive surveillance ecosystem significantly different from privacy protection provisions that prevail in many countries, the embassy of the United States encourages Americans living in Zambia or considering visiting the country to carefully assess the implications of this law and adjust accordingly.
While the Zambian government defends the legislation as a necessary tool to combat online fraud, child pornography, and the spread of disinformation, critics warn it poses a serious threat to privacy and could be used to justify mass surveillance. The move has sparked a growing debate about surveillance, civil liberties, and the future of digital freedom in Zambia.
Following the alarm raised by the U.S. Embassy, Zambia’s Ministry of Foreign Affairs issued a statement defending the controversial Cyber Security Act, insisting that the law is not intended to invade any person’s privacy regardless of nationality. “The law does not authorize mass or random surveillance. Any interception or data request requires a court-issued warrant,” the statement read. It added that the classification of “critical information” pertains strictly to matters of national security and that any assessments or actions taken are handled by authorized institutions, in accordance with due process.
However, critics remain unconvinced. As reported by the BBC, there are growing fears that the law could be used to silence dissent, especially ahead of Zambia’s general elections next year. Of particular concern is a provision that empowers law enforcement officers, with a warrant, to enter any premises and seize computers or systems containing material considered evidence of a crime or acquired through criminal means.
The law, signed by President Hakainde Hichilema on April 8, 2025, with minimal public notice, also allows the extradition of Zambian nationals accused of offenses under the legislation and prescribes penalties ranging from fines to prison terms of five to fifteen years, depending on the nature of the offense. Another contentious clause mandates Information and Communication Technology (ICT) companies to proactively intercept all electronic communications—a sweeping requirement that has alarmed privacy advocates.
Zambian civil society organizations have taken the government to the High Court, challenging the constitutionality of the Cyber Security and Cyber Crimes Act. Groups including Chapter One Foundation, Bloggers of Zambia, and the Alliance for Community Action argue that the law threatens freedoms of expression and legal protection. They are calling for the act to be declared unconstitutional.
Critics say the law enables state surveillance, including potential access to private conversations without court orders, and mandates service providers to allow real-time monitoring through a Central Monitoring and Coordination Centre.
A coalition of businesses and the New Jersey State Policemen’s Benevolent Association (PBA) are sparring over Daniel’s Law, a New Jersey law meant to protect prosecutors, judges, and cops by shielding their home addresses and phone numbers from disclosure. Businesses that use data for real estate, lending, fraud detection, background checks, and credit reporting formed the Public Safety Information Protection Coalition to fight Daniel’s Law.
The businesses asked a federal judge last June 2024 to declare Daniel’s Law an unconstitutional violation of the First Amendment; the U.S. 3rd Circuit Court of Appeals agreed to review the judge’s ruling last month, in March 2025. John Molinelli, a former Bergen County prosecutor, is the coalition’s spokesman. “Daniel’s Law serves a noble purpose, but the law is broken,” Molinelli said in a statement last week.
The New Jersey State Policemen’s Benevolent Association wrote an open letter on Wednesday, April 16, 2025, to Molinelli, accusing him of falling prey to the data industry’s ploy to avoid accountability. The letter, signed by state PBA President Peter Andreyev and 43 leaders of other PBA chapters statewide, said members of the data business coalition “pretend to be advocates for Daniel’s Law while secretly seeking to undermine and weaken it.”
New Jersey enacted Daniel’s Law in 2020. It’s named after federal Judge Esther Salas’ son, Daniel Anderl, who was slain at the judge’s home that year by a gunman who wanted to harm Salas. Since state legislators passed the law soon after Anderl’s death, they have expanded it several times to protect additional public workers, including child welfare investigators. Lawmakers amended it in 2023 to establish mandatory monetary damages for violations, among other things.
In 2024, Atlas Data Privacy Corp. filed 118 class-action lawsuits on behalf of law enforcement officers against data brokers accused of ignoring requests to remove the officers’ data from various websites. Molinelli had called such lawsuits predatory, accusing Atlas of “engineering” the 2023 legislative amendments so that it could sue violators and reap the profits. The PBA officials defended the lawsuits, saying the data brokers and businesses Molinelli represents continue to violate Daniel’s Law by selling law enforcement officers’ private information despite the ongoing litigation and officers’ pleas to them to stop.
PBA officials have cited a leaked conference call, first reported by Politico earlier this month, during which data brokers and industry groups plotted how to weaken the law. Molinelli, in a statement from a spokesman, said the PBA’s letter fails to address how best to protect public officials who do not want their personal information published.
Daniel’s Law has inspired similar legislation in other states, even though it has prompted several legal challenges here. Still, legislators aim to expand it further. One bill now in the Statehouse pipeline would extend privacy protections under Daniel’s Law to court administrators and deputy court administrators, while another would allow people protected under the law to use a post office box or address other than their home address on their driver’s license or other official identification cards.
Judge Salas has recently said judges and their families have received unsolicited pizza deliveries from unknown persons—a signal, she says, that the people know where the judges live—and some of them are sent using her late son’s name.
Meanwhile, Meta AI is the new artificial intelligence that Meta has added to WhatsApp, Facebook, and Instagram. It functions as a virtual assistant and appears as a chat, allowing users to ask it to explain things, give ideas, or generate images. However, there’s one detail that has upset quite a few people: no one asked for it, and there’s no way to completely deactivate it.
Although it doesn’t read private messages, many users consider it an intrusive feature that appeared without warning. Meta doesn’t allow you to uninstall it, but you can make it disappear from your chat screen by deleting the conversation. Experts have provided five reasons to remove it, including unnecessary environmental impact, the potential to provide false information, and the distraction it adds to an already saturated app.
Moreover, having immediate answers can kill the impulse to research or learn for oneself, raising concerns about creativity and curiosity. Meta AI has been installed without asking for permission and without making it very clear how it manages the data that is generated. If you value your privacy, your attention, and your freedom to choose what tools you use, remember that you can remove it from your screen.
In another development, privacy advocacy group noyb claims that efforts by EU institutions to fix the enforcement gaps in the General Data Protection Regulation (GDPR) risk doing more harm than good. A planned refit of the EU's GDPR Procedural Regulation risks further complicating the system.
Introduced in 2018, the GDPR shields citizens' rights over how their personal data is used. However, when a complaint is filed against a company based in another EU or EEA country, the case must go through a cooperation process that is often slow and opaque. Critics say this has led to a broader failure to properly enforce the GDPR across the bloc.
In an attempt to fix these shortcomings, the European Commission proposed a new regulation in 2023 to harmonise procedural rules and accelerate decisions. However, noyb has warned that trilogue negotiations have yielded a legislative mess that could slow down investigations even further. The current draft would create as many as ten different types of GDPR procedures, adding more complexity to the procedure.
Max Schrems, lawyer and founder of noyb, expressed concern, stating, “This proposal risks becoming the biggest legislative mess I have seen in a long time.” The next round of trilogue negotiations between the European Parliament, the Council, and the Commission is scheduled for May 21, 2025.
