KANCHULE, Ntazana2026-07-032026https://research.unilus.ac.zm/handle/123456789/702Bachelor of Laws - Research ReportThe purpose of this research was to critically analyse the Cyber Security Act No. 3 of 2025 and the Cyber Crimes Act No. 4 of 2025, with a focus on identifying the legal and institutional gaps that limit Zambia’s ability to address emerging digital threats while upholding constitutional rights. The study examined the evolving nature of cyber threats in Zambia, assessed the adequacy of the statutory and institutional frameworks governing cybersecurity and cybercrime, evaluated the constitutional implications of the 2025 Acts, and proposed reforms to establish a clearer, more accountable, and rights-compliant cyber governance regime. Chapter One introduced the research problem, outlined the significance and scope of the study, reviewed relevant literature, and presented the methodological and ethical framework guiding the inquiry. Chapter Two explored the conceptual and constitutional foundations of cybercrime and cybersecurity. It demonstrated that rising internet penetration, expanding digital participation, and sophisticated cyberattacks have increased Zambia’s exposure to cyber risks. The chapter highlighted incidents such as the Golden Top scam, the NAPSA data breach, and the compromise of the Bank of Zambia’s social media accounts as evidence of the growing complexity of digital threats. It further showed that while cybersecurity is essential for protecting digital infrastructure, it must operate within the constitutional safeguards for privacy, fair trial, and freedom of expression under Articles 17, 18, and 20. The analysis revealed that Zambia’s cyber governance is shaped by both escalating digital vulnerabilities and the need to uphold fundamental rights. Chapter Three analysed the statutory and constitutional framework governing cybercrimes and cybersecurity. It demonstrated that the Cyber Security Act introduced institutional reforms for protecting critical information infrastructure and regulating cybersecurity service providers, while the Cyber Crimes Act modernised criminal law by defining and penalising a broad range of digital offences. However, the chapter showed that the effectiveness of these reforms depends on constitutional conformity, judicial oversight, clarity of definitions, and enforceability. Chapter Four critically assessed whether the 2025 Acts met their intended objectives while remaining consistent with constitutional and regional human-rights standards. The analysis revealed significant risks arising from vague definitions, speech-related offences, broad surveillance powers, and the limited independence of the Cyber Security Agency. These weaknesses were shown to undermine legality, accountability, and the protection of privacy and expression, diverging from best practices under African and international norms. The study concludes that although Zambia has made substantial progress in constructing a cyber regulatory framework, the Acts contain constitutional, institutional, and procedural gaps that require reform. The research recommends narrowing vague offences, strengthening judicial and parliamentary oversight, enhancing the independence of the Cyber Security Agency, incorporating public-interest protections, refining statutory definitions, and expanding stakeholder participation. Implementing these reforms would help ensure a balanced, transparent, and constitutionally grounded approach to cybersecurity in the digital age.enA Critical Analysis of the Cyber Security Act and the Cyber Crimes Act of Zambia: Examining their appropriateness in upholding Constitutional RightsThesis