April – June 2024

How are the Global Digital Compact negotiations evolving? What are the implications of the EU’s new Artificial Intelligence Act? Which countries experienced a significant Internet outage due to a submarine cable cut? Which country is pushing for a controversial cybercrime law to curb freedom of speech? These questions, along with many other topics, are explored in our latest GIF Internet Freedom Trends report, covering the period from April to June 2024.

Global Trends

Recent reports indicate that European countries are advocating for a focus group on human rights and technical standards under the International Telecommunication Union (ITU). While such discussions are welcomed, caution is advised as standards developing organizations, primarily composed of technical experts, often lack sufficient human rights knowledge. The processes are frequently influenced by technical considerations and corporate lobbying, presenting institutional challenges that could undermine the integration of human rights into technical standards.

The Global Digital Compact (GDC) negotiations have progressed, with the second revision released in June and the third in early July. Civil society has raised concerns about the drafts, calling for stronger human rights protections and safeguards for the multistakeholder approach to Internet governance. They also advocate for the Internet Governance Forum (IGF) to monitor the implementation of GDC commitments.

In May, the European Union (EU) approved the Artificial Intelligence (AI) Act, introducing new obligations for AI developers, effective in two years. This act, applying to AI systems within the EU, adopts a risk-based approach to AI governance and is expected to influence global AI policies. Additionally, the Council of Europe (CoE) adopted the Convention on AI (CAI), allowing Observer States like the US and Mexico to sign. Unlike the EU AI Act, the CAI excludes the private sector and AI systems used for national security, drawing criticism from civil society organizations (CSOs).

In April, the EU Commission published Guidelines for providers of Very Large Online Platforms and Very Large Online Search Engines on the mitigation of systemic risks for electoral processes in June. Platforms conducted voluntary stress tests to assess readiness for the EU elections. Meta’s Oversight Board published nine vital lessons for the industry.

European regulations are transforming voluntary processes for addressing human rights and sustainability impacts into hard law. TheCorporate Sustainability Due Diligence Directive (CSDDD), approved on May 24, mandates stakeholder engagement and due diligence. Complementing this, the Corporate Sustainability Reporting Directive (CSRD) requires companies to disclose environmental, social, and financial impacts. Both directives prioritize impacts based on severity and likelihood, with CSDDD focusing on impact addressing and CSRD on transparency.

Efforts are underway to coordinate among regulators globally. The Online Safety Regulators Network, established to ensure independence and uphold human rights, democracy, and rule of law, was led by various authorities. The Dubrovnik regulators conference marked the creation of a global network, including the African Communication Regulatory Authorities Network, the European Regulators Group for Audiovisual Media Services (ERGA), the Global Online Safety Regulators Network, the Mediterranean Network of Regulatory Authorities, the Pattern Recognition and Artificial Intelligence, and the Francophone Network. The European Commission has signed agreements with regulators like Australia’s eSafety Commissioner, ERGA, and Ofcom to regulate online harms.

The EU Commission has initiated proceedings to determine if Meta failed to protect minors under the Digital Services Act (DSA), focusing on concerns over addiction, deceptive advertising, and political content. Similar proceedings have been started against TikTok regarding its reward program and potential addictive behavior in children. Additionally, companies submitted their second round of transparency reports by the deadline on May 6, as mandated by the DSA.

In May, BSR, a sustainable business network and consultancy, published the Guide for Civil Society on Effective Engagement with Technology Companies, which notably includes useful tools for mapping company structures.

West and Central Africa (WCA)

In 2024, Internet shutdowns in Africa have surged, particularly during political conflicts and elections. According to the Top10VPN, the five countries with the most expensive shutdowns are Sudan ($244.5 million USD), Ethiopia ($130 million USD), Guinea ($60.9 million USD), Senegal ($15.4 million USD), and Chad ($3.8 million USD). These shutdowns have substantial economic and human costs, affecting millions of users.

In June, the Government of Liberia faced a major cyberattack on its top-level domain (.LR), causing significant disruptions to government websites and access to classified information. Despite ongoing efforts by the Ministry of Posts and Telecommunications, the attack persisted for over 48 hours. Authorities emphasized the urgent need to prioritize cybersecurity.

In May, the Nigerian government halted a planned 0.5% levy on domestic electronic transactions aimed at enhancing cybersecurity after widespread public criticism. The suspension came amidst economic challenges, including soaring inflation and high cost-of-living expenses. The cybersecurity tax, originally proposed in 2015, was intended to raise funds for national cybersecurity efforts but faced backlash due to the financial burden on citizens.

Angola’s proposed national security law, currently under parliamentary review, threatens press freedom by allowing authorities to disrupt telecommunications and conduct surveillance without judicial oversight. Critics warn the law could lead to increased harassment and censorship of journalists and pave the way for more repressive actions. If passed, the law would enable authorities to shut down media operations under vague “exceptional circumstances,” posing a severe risk to freedom of expression.

In April, Mali’s junta banned media from reporting on political activities, a day after suspending all political activities. The order affects all media forms and has led to significant backlash from journalist organizations and human rights groups.

In April, Burkina Faso suspended several international news organizations, including Le Monde, The Guardian, and Deutsche Welle, over reports accusing the army of extrajudicial killings. Similar actions followed in late June against Voice of America and BBC Africa. The government denied the allegations, while press freedom groups condemned the suspensions as censorship. In total, 13 international media outlets are now banned.

In May, Guinea revoked the broadcast licenses of six media outlets, including FIM, Espace, Sweet, Djoma, Djoma TV, and Espace TV, citing non-compliance with regulations and security reasons. These outlets had already been blocked since December 2023. International organizations have condemned the move as a severe act of censorship, urging Guinean authorities to reinstate the licenses and allow these media outlets to operate freely.

East and Southern Africa (ESA)

In May 2024, a significant Internet outage affected ESA due to a submarine cable cut. Kenya, Tanzania, Rwanda, and Uganda experienced poor connectivity, with service providers acknowledging the issue. Similar outages in March impacted several countries in Africa. Despite disruptions, alternative cables linking East Africa to Europe remain operational. Cloudflare Radar noted significant impacts, particularly in Tanzania, where traffic dropped to 30% of expected levels. Other affected countries include Malawi, Mozambique, and Madagascar.

On June 25, Internet services in Kenya were disrupted during anti-Finance Bill protests despite assurances from the Communications Authority of Kenya that there would be no shutdown. NetBlocks confirmed significant network disruptions, with connectivity dropping to 42%. Safaricom attributed the slowdown to outages in two undersea cables. The disruption also impacted Uganda and Burundi. CSOs condemned potential Internet interference, citing its adverse effects on the economy and freedom of expression, estimating economic losses of about $3.5 million USD per hour of outage in Kenya.

In war-torn Sudan, smuggled Starlink devices have become a lifeline for Internet access amidst widespread blackouts. Although banned by the Sudanese government, the Rapid Support Forces (RSF) exploit them for profit, enabling essential communication and financial transactions. Despite high costs and commissions, residents rely on Starlink to transfer money and stay connected.

In May 2024, Eritrea faced a massive cyberattack on its Internet system during Independence Day celebrations. The attack, occurring in the afternoon, was swiftly countered by the Eritrean government’s defensive measures, preventing any network disruption. The origins and orchestrators of the attack are known to the Eritrean authorities, who plan to reveal more details in due course.

International human rights organizations have called on Ethiopian authorities to end their crackdown on human rights groups. The government has increased physical and digital surveillance, harassment, and threats against organizations like the Ethiopian Human Rights Council. Additionally, journalists face arbitrary detention and restricted Internet access, especially in conflict zones like Amhara.

In Uganda, the national ID card system has become central to banking, voting, and targeting critics. Human rights lawyer Nick Opiyo was detained after uncovering state security abuses. The system allows extensive surveillance by authorities, impacting privacy and freedoms. Despite potential benefits, the potential of misuse is high.

The implementation of Malawi’s Electronic Transactions and Cyber Security Act is drawing criticism for being used to silence dissent. Arrests, including those of activist Bon Kalindo and MP Kamlepo Kalua, have raised concerns of abuse. Human rights groups and lawyers argue the law is misused to target critics and stifle free speech. They call for its review and urge the government to focus on genuine issues rather than using the law to intimidate. Authorities maintain the law’s necessity for national security.

The Zambian government’s plan to require licensing for social media has raised concerns among activists, who argue it infringes on freedom of expression. The government claims the regulation aims to combat cybercrime and promote responsible social media use. However, critics warn that such regulations do not align with democratic values and could silence citizen activities online. The amended law will require online broadcasters to obtain a costly operating license. Similar regulations have sparked controversy in other African countries.

A Ugandan court sentenced 24-year-old Edward Awebwa to six years in prison for insulting President Yoweri Museveni, First Lady Janet Museveni, and their son on TikTok. Awebwa was charged with hate speech and spreading misleading information. Experts have criticized Uganda for curbing freedom of expression. Zambia, Namibia, and Tanzania are working with international partners to enhance their digital public infrastructure (DPI) and ID systems. Zambia has digitized the records of roughly seven million people as a key step towards a modern legal and digital identity system, with 81% of legacy ID cards digitized in just three months. Namibia is expanding its national ID use, while Tanzania is integrating its digital ID and civil registration and vital statistics systems.

Latin America and The Caribbean (LAC)

In May, a threat actor leaked the personal information and biometric data of over five million Salvadorans on the Dark Web, affecting more than 80% of the population. The 144 GB data dump includes high-definition headshots, document IDs, names, birthdates, and contact details. This unprecedented breach shows the growing interest in biometric data among cybercriminals, posing significant identity theft and fraud risks for El Salvador’s citizens.

In April, TEDIC, a digital rights advocacy group in Paraguay, warned that the country’s issuance of digital IDs and mobile driver’s licenses (mDLs) lacks adequate regulation, potentially undermining personal privacy and human rights. Paraguay’s digital ID law, passed in October 2023, has not yet been accompanied by necessary safeguards.

In April, Paraguay enacted Law No. 7280 to reform and modernize the National Police. This legislation aims to enhance the efficiency, transparency, and accountability of the police force, and includes the integration of new technologies. Notably, the law also permits cyber patrolling and the interception of communications to combat cybercrime effectively.

In April, an Ecuadorian appeals court declared Swedish programmer Ola Bini guilty of unauthorized access to a computer system, overturning a previous verdict of innocence. The court imposed a one-year prison sentence and a fine of four basic unified salaries. Bini’s lawyer criticized the decision, noting the same judges had previously detained Bini illegitimately. Bini expressed fear before the verdict and announced plans to appeal, insisting on his innocence and alleging persecution due to his association with Assange.

In May, Amnesty International reported that Guatemalan authorities are harassing and criminalizing female justice operators and human rights defenders (HRD), including gender-based violence and discrimination. This crackdown follows significant progress against corruption and impunity. Since 2018, documented abuses include improper prosecution, online harassment, and arbitrary detention.

In May, Argentine President Javier Milei’s administration suspended websites and social media of public media outlets, such as Public Television, National Radio, and several others. Critics claim this move undermines freedom of expression and serves political harassment. Many experts condemned the actions, linking them to broader governmental repression and censorship. Additionally, according to PEN International’s report, since January 2024, 61 attacks on the Argentine press have been recorded, with President Javier Milei responsible for 30% of them. Media closures, derogatory remarks about journalists, and economic pressures have created a hostile environment for reporters and cultural workers, jeopardizing their work and fundamental liberties.

According to a study by the Brazilian National Federation of Journalists (FENAJ), attacks against journalists have decreased considerably, but the use of justice, such as legal actions, to stop their work has increased by 92%.

In April, local non-governmental organization, Un Mundo Sin Mordaza reported on the critical state of freedom of expression in Venezuela in 2023, pointing to 381 cases of violations, including arbitrary arrests, threats, harassment, and censorship against journalists and citizens. They faced issues like the confiscation of equipment, blocking of websites, and service outages.

In May, Chile introduced its updated National AI Policy and proposed new AI legislation, for ethical and responsible AI development. The policy aligns with the United Nations Educational, Scientific and Cultural Organization’s (UNESCO) ethical AI principles and aims to protect health, safety, and fundamental rights while fostering innovation.

Europe and Eurasia (EE)

On April 29, it was reported that Belarus’ main security service website had been down for two months following a cyberattack by the Belarusian Cyber-Partisans. The hackers, part of the broader opposition against the President Alexander Lukashenko’s regime, claimed responsibility and published sensitive data of over 8,600 KGB agents.

On April 23, it was reported that Russian hacker group Sandworm targeted nearly 20 energy facilities in Ukraine that spring amid intense missile strikes. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed that several supply chains were compromised using new and known malware variants like Kapeka, Loadgrip, and Gossipflow. These cyberattacks, coordinated with missile strikes, appear to aim at gathering intelligence to assess damage and potentially plan further attacks.

In Georgia, the recently adopted Russia-inspired Law on Foreign Agents directly targets non-commercial legal entities and online media outlets. Its implementation may significantly affect the diversity of media landscape in the country and become an instrument of repression against civil society. If CSOs are not registered as agents of foreign influence by September 2, they will be subject to sanctions. On May 13, Georgian police arrested 20 protesters as lawmakers adopted the law. Critics say the bill mirrors Russian legislation used to suppress dissent, threatening Georgia’s free speech and EU membership aspirations.

Belarus has intensified its measures against the Lesbian, Gay, Bisexual, Transgender, Queer, Intersex (LGBTQI+) community, influenced by its political alignment with Russia. Recent laws categorize homosexual and bisexual relations alongside crimes like pedophilia and zoophilia and propose penalties for LGBTQI+ propaganda. State-controlled media and statements from President Alexander Lukashenko support these policies.

On April 29, a public debate was held on proposed amendments to Armenia’s Law on Mass Media and Civil Code. The initiative aims to introduce an effective self-regulation system for mass media, promoting ethical standards and public trust. The Media Council, a voluntary association, will oversee this. The initiative has support from various governmental agencies and CSOs.

On June 12, antigovernment activists clashed with Armenian police in Yerevan, resulting in injuries to at least a dozen journalists. Media groups condemned the police for using stun grenades and brute force and demanded an investigation into their actions. The authorities blamed protesters for the disturbances, with 28 arrests made.

On May 15, Moldova’s Investment Commission announced its plan to ban seven TV channels and two radio stations, intensifying its censorship practices. Over 20 media outlets were previously shut down without judicial review. Following Russia’s invasion of Ukraine, Moldova banned numerous pro-Russian media outlets to protect its information security. While some argue these bans improve the media landscape, others see them as ineffective and potentially undermining free speech.

On June 13, the European Court of Human Rights held Azerbaijan liable for blocking Radio Free Europe’s websites since 2017. The court ruled this action violated Article 10, as Azerbaijani law lacked safeguards against arbitrary interference and the government failed to justify the blocking.

The Balkans

In May, pro-Russia hackers targeted Kosovo’s government websites, including those of the President and Prime Minister, with Distributed Denial of Service (DDoS) attacks in retaliation for Kosovo’s military support to Ukraine. The attacks, described as part of a hybrid war, temporarily disrupted the sites but the latter were restored by the government. Prime Minister Albin Kurti emphasized the attacks aimed to destabilize Kosovo’s security and institutions.

The Serbian authorities are using high-tech surveillance, including facial recognition technology, to monitor political opponents, activists, and journalists. The recent report claims over 8,000 surveillance cameras have been installed, predominantly from Chinese manufacturers, raising human rights concerns. Despite Serbia’s EU membership aspirations, ties with China and Russia have strengthened. The report also shows instances of spyware use against civil society representatives and unauthorized surveillance by the Serbian intelligence service.

On June 28, the Kosovo government banned TikTok in state institutions due to concerns over cyber threats. Deputy Minister for Internal Affairs Bardhyl Dobra stated that the decision aims to protect Kosovo’s institutions from cyberattacks. Due to this decision all public institutions were required to implement technical restrictions to prohibit TikTok, and public officials were obliged to remove the app from their official devices. The ban followed similar actions by several allied countries and international bodies, including the EU, the United Kingdom (UK), the United States of America (USA), Canada, and others. Kosovo is the first country in its region to enforce such a ban.

Banks and postal companies have been reporting a surge in phishing campaigns, aimed at collecting private bank information from citizens. The postal scams have been ongoing in Serbia, Bosnia and Herzegovina (BiH), and Montenegro, and they have also been noticed in some instances across the region.

In May, the Republika Srpska government withdrew a controversial “foreign agent” law from the National Assembly agenda. The proposed law targeted NGOs and required surveillance, registration, and financial reporting. Despite concerns from NGOs and international warnings about its repressive nature, the law was announced by Milorad Dodik, the pro-Russian President of Republika Srpska, in 2022.

North Macedonia’s recent general and presidential election campaigns were marred by negative online discourses targeting politicians, minorities, women, and the LGBTQI+ community. The campaigns relied on the use of smear tactics, fake news, and ethnic divisions to influence public opinion. Despite the elections being deemed fair, these tactics undermined the democratic process and fostered distrust among ethnic groups.

In April, Albania’s Citizens Channel, an independent media outlet, faced multiple cyber-attacks on their website and social media profiles. These attacks followed their critical stance against the government, resulting in significant content loss. Coordinated attacks included DDoS, malicious scripts, and mass removal of content from their Facebook page. The attacks continued with fake followers on Instagram, forcing Citizens Channel to make their profile private.

In April, Romania’s Energy Minister, Sebastian Burduja, filed a crime complaint with the Directorate of Investigation of Organised Crime and Terrorism over a deepfake video using his image and voice to promote a fake investment platform. Romania currently lacks specific laws against deepfake cyber scams, although a draft law proposing fines and prison sentences is pending. Burduja urged citizens to be wary of such scams and consult cybersecurity resources.

In May, a Bulgarian research team announced the development of an AI-powered biometric access system for public events. This system will use facial recognition and fingerprints to replace traditional tickets, ensuring secure entry for registered individuals. The $8 million USD project, partially funded by the EU, aims to enhance security and integrate behavioral analytics. As announced, the system should be compliant with General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) regulations.

In Serbia, authorities swiftly responded to an AI deepfake video of Prime Minister Milos Vucevic on Facebook, contrasting their slower reaction to similar cases involving citizens and opposition politicians. The Special Prosecution Office for High Tech Crime directed the police to investigate, and the government requested Meta to remove the video and provide account details.

South and Southeast Asia (SSEA)

In April, Internet services across Bangladesh were disrupted due to damage to the SMW-5 submarine cable in Singapore. Users experienced sluggish speeds as authorities worked to shift bandwidth to the older SMW-4 cable. The Bangladesh Submarine Cables PLC indicated it would take a couple of days to resolve the issue.

Pakistan-administered Azad Kashmir experienced significant unrest in May due to protests over high wheat prices and electricity bills. In response, a mobile Internet shutdown was imposed on May 12. Clashes resulted in one police officer and three protesters dead, with hundreds injured. The Internet was restored after five days.

In Bangladesh, the hacker group ‘Hafnium’ launched attacks on over 200 organizations, including major financial and regulatory bodies, by inserting malware through a Microsoft Exchange Server. This led to information leaks and potential future financial losses, as reported by BGD e-GOV CIRT and the Bangladesh Computer Council.

In Indonesia, President Joko Widodo ordered a government data center audit after a ransomware attack affected over 230 public agencies, including immigration and airport operations. Despite an $8 million USD ransom demand, Indonesia refused payment, restoring services using backup data centers. The incident disrupted immigration services at international airports, causing long queues and prompting calls to reassess the center’s security system reliability.

Analysts reported a 325% spike in cyberattacks and misinformation campaigns in the Philippines, driven by geopolitical tensions in the South China Sea. Hacktivist groups, likely tied to foreign entities, target government institutions. Experts warn these activities may precede broader foreign cyber threats.

In April, Myanmar’s junta established a committee to monitor and suppress online content, including “fake news” and “political criticism.” International organizations and experts urged the junta to withdraw the order and dismantle the committee, as it violates freedom of expression and human rights standards. Tech companies are advised to protect freedom of expression and resist compliance with the junta’s demands. Later in June, the junta banned Virtual Private Network (VPN) usage, further restricting information flow. Citizens face fines and arrests for using VPNs, leading to a significant information blackout. Experts warn this crackdown severely impacts Internet access and freedom of expression. Despite censorship, some VPNs like Proton VPN remain operational, and alternative tools like Tor browser are gaining users.

LGBTQI+ people and activists in SSEA are facing increasing threats, restrictive legislation, and invasive surveillance. On April 8, Cambodia pushed a controversial cybercrime law to curb freedom of speech, aiming for enactment by year’s end. The draft law includes defamation, derogatory language, and false information provisions, allowing real-time Internet data collection. Critics argue it threatens dissenters, women, and LGBTQI+ people, despite government claims of no rights restrictions. Women and LGBTQI+ activists in Thailand face state-backed online abuse and surveillance, including Pegasus spyware. This digital violence aims to silence dissent. CSOs urged the Thai government to end these practices, investigate abuses, and ban invasive spyware to protect activists’ rights to freedom of expression and privacy. On June 25, Indonesia proposed a new broadcast bill to curb LGBTQI+ content and other “negative” material, threatening freedom of expression. Critics argue that the vague restrictions will severely limit online and broadcast content, impacting creators. With a growing number of Internet users, Indonesia’s tightening grip on content raises concerns about increased censorship and the suppression of dissent.

On April 6, the Taliban announced plans to restrict or block Facebook in Afghanistan. Afghans fear this will severely impact free speech. The Taliban cited the need for youth to focus on education as a reason for this move. Facebook remains vital for news dissemination despite the ongoing press freedom crackdown.

On June 26, India began enforcing the Telecommunications Act 2023, threatening digital rights by allowing government to intercept of messages and breaking end-to-end encryption. The Act also reinforced Internet shutdown powers, with India having disrupted the Internet 27 times in 2024.

Pakistan announced a draft law to regulate social media, aiming to curb disinformation and hate speech. While the government asserts it will protect digital rights, critics fear it could suppress online dissent. The draft may establish a digital rights protection authority. Activists urge inclusive drafting to prevent misuse.

Sri Lanka announced plans to draft a national cyber security act in May due to the increasing number of social media accounts. The cabinet has approved the National Digital Strategy 2030, focusing on cyber security, data security, and digital financial services. Regulations for undersea cables will also be introduced.

Malaysia’s Cyber Security Bill, which passed both houses of parliament, raises significant concerns about freedom of expression online. The bill allows government censorship, broad control over digital services, and expansive search and seizure powers without judicial oversight. Critics argue it threatens journalists, whistleblowers, and cybersecurity researchers.

In Sri Lanka, youth activist and comedian Nathasha Edirisooriya was arrested on charges of insulting Buddhism and hate speech following jokes made during a YouTube comedy performance. Despite retracting the video and apologizing, she faced escalated online harassment and threats, leading to her arrest at the airport without access to legal counsel initially. Her detention has sparked international criticism, citing it as an attack on artistic expression and a breach of Sri Lanka’s international human rights obligations.

Central Asia (CA)

Kyrgyzstan’s digital infrastructure is under severe attacks from various Pakistan-based hacktivist groups. On May 22, local media reported that Team Insane Pakistan published personal information of around 600,000 Kyrgyz citizens.

Citizens of Kyrgyzstan and Tajikistan have faced significant fraud through WhatsApp and Telegram in early summer 2024. In Kyrgyzstan, scammers offer money-making opportunities, stealing funds and harvesting personal data. This data is sold or used in further fraudulent schemes. Tajikistan has seen a rise in telephone fraud cases where attackers use AI to mimic victims’ relatives’ voices. Scammers also impersonate celebrities and high-ranking leaders, spreading false news. Despite police warnings, these measures have proven inadequate in preventing fraud.

In June, the Ministry of Culture and Information of Kazakhstan approved rules for restricting access to Internet resources and online platforms that violate local laws. According to these rules, websites and platforms must remove any prohibited content or face consequences such as being blocked or having their traffic reduced, making them less accessible to users.

The Law on Cybersecurity of the Kyrgyz Republic was adopted on June 12. The law aims to protect individuals, society, and the state by ensuring digital resilience and information sovereignty, as well as to monitor information protection effectiveness, mitigate cyber-attack impacts, and establish a response system to combat cyber threats and cybercrime.

In May, the President of Tajikistan appointed top management for the Agency for Innovation and Digital Technologies. This Agency will establish regulations to promote digital development and improve sectoral policy. Their work includes implementing personal data protection (PDP) mechanisms, creating an authorized entity for data protection, and defining security requirements with penalties for violations.

Uzbekistan’s National Strategy – 2030 includes significant digital reforms. A presidential decree aims to end the monopoly on transborder Internet connections by January 2025, allowing all telecom operators to connect with international providers, subject to cybersecurity compliance. Currently, only one state-owned company manages all external Internet traffic.

In June, Uzbekistan amended its Criminal Code to impose harsher penalties for online activities. The new laws broaden the definition of extortion and introduce penalties for illicit financial gains from cryptocurrency activities and alter IMEI codes. A new section targets the dissemination of false information, with penalties ranging from fines to imprisonment, raising concerns about vague and potentially perilous interpretations.

Recent legislative changes and proposals in Tajikistan, Kazakhstan, and Kyrgyzstan have sparked concerns over increased censorship and state control of the media and digital spaces. In April, civil society and media experts reviewed Tajikistan’s draft information code, expected to be adopted this year. The code, based on outdated laws, has raised concerns due to its ambiguous language, which could potentially intensify censorship and overregulate the Internet and media. On June 19, the President of Kazakhstan enacted a new Mass Media Law, raising concerns about increased state control over press freedom. The law broadens the definition of “mass media” to include Internet resources, requiring state registration for all digital media. A Unified Media Platform will be established to execute state information policy and facilitate journalist accreditation. On April 1, Kyrgyzstan’sMinistry of Culture and Information submitted a draft law introducing fines for defamation and insults in the media, websites, and online. Previously decriminalized, these offenses would now be under the jurisdiction of the Ministry, allowing it to impose fines. CSOs opposed this, leading to the draft being returned for revision.

CA has witnessed numerous actions against activists and journalists, which shows the shrinking space for human rights and freedom of expression.

Numerous activists in Kyrgyzstan were detained and sentenced for accusations of inciting mass disorders, disseminating provocative content, and criticizing the President. Sentences ranged from three to five years in prison, reflecting a broader crackdown on dissent and freedom of expression in the country.

In May, in Uzbekistan, a 28-year-old was sentenced to two and a half years of correctional labor for derogatory comments about the President on social media. His earnings were partially withheld, and his Instagram account blocked. The same month, the Spiritual Administration of Muslims restricted imams from speaking on social media, raising concerns about human rights violations.

In Kazakhstan, the court fined a media founder for allegedly posting false information and raising public attention due to concerns about police surveillance. Additionally, a dissident activist and journalist was attacked and later died, among ongoing issues with press freedom and safety in Kazakhstan.

The Middle East and North Africa (MENA)

Algeria, Syria, Iraq, and Jordan frequently implement nationwide Internet shutdowns to prevent exam cheating. These shutdowns, while effective, come at significant economic costs and disrupt essential services. Experts argue that such measures are excessive and fail to address the root causes of cheating. They advocate for more balanced approaches, like modernizing assessments and focusing on critical thinking skills. On June 5, Iraq authorities ordered an Internet shutdown from 6:00 to 8:00 AM, marking the third shutdown of the week. This decision followed a history of using Internet blackouts to prevent exam cheating, despite criticism and calls from digital rights organizations to ensure uninterrupted Internet access. Algeria announced another nationwide Internet shutdown during high school exams from June 9-13, to prevent cheating. This practice, ongoing for eight years, disrupts digital work, e-commerce, and journalism, causing significant economic losses and inconvenience. Critics argue that the policy is ineffective and damaging, urging the government to find better solutions.

Just in 2023, Morocco faced over 52 million cyber threats, including 40 million email threats and 1.6 million malicious URL attacks. The report highlighted a global 349% increase in email malware detection.

In June, Jordanian authorities used the Cybercrime Law to suppress freedom of expression and arrest political activists amid protests supporting Gaza. Activists, including Khaled Al-Natour, were detained for their online statements. Family members of detainees were also arrested to pressure activists violating legal procedures. This crackdown has raised concerns about self-censorship and the erosion of civil liberties in Jordan.

In May, Turkey’s competition board fined Meta Platforms 1.2 billion lira ($37.20 million USD) for data-sharing violations involving Facebook, Instagram, WhatsApp, and Threads. The fine results from two investigations showed the importance of user consent and transparency. Meta temporarily shut down Threads in Turkey to comply with regulatory orders, reflecting ongoing global regulatory scrutiny of its practices.

Algeria’s new Penal Code amendments, adopted in April, will deepen repression ahead of the presidential elections. The amendments increase penalties for defamation and information leaks. This move empowers the government to stifle dissent and prosecute critics, raising concerns about human rights and freedom of expression.

On May 5, the Israeli cabinet unanimously voted to shut down Al Jazeera’s operations in Israel, citing security concerns. Al Jazeera condemned the decision as a “criminal act” and a violation of press freedom. Israeli authorities seized broadcasting equipment, and major providers blocked the network’s channels and websites. The move escalated tensions and impacted Al Jazeera’s coverage of the Gaza conflict. Later that month, Israel ﷟seized but later returned AP’s broadcasting equipment, citing a new media law against providing footage to Al Jazeera. The seizure faced criticism from the Joe Biden administration and journalists’ organizations.