This was an exercise organised by the Data Commission and the cybercrime units of the Police CID to summon and arrest data controllers who had failed to comply with the Commission’s Act to register the company.
The exercise found out that companies such as; Marina Mall Market and Korle-Bu Hospital were registering while Koala Shopping Centre and Best Western Premier Hotel were yet to start the process of registration.
The Data Protection Act, 2012 (Act 843) sets out the rules and principles governing the collection, use, disclosure and care for your personal data or information by a data controller or processor.
The law explicitly states that “a person who fails to register as a data collector, but processes personal data commits an offence and is liable to summary conviction to a fine of not more than two hundred and fifty penalty units or a term of imprisonment of not more than two years or to both.”
The Act recognised a person’s right to protect their personal data or information by mandating a data controller or processor to process such personal data or information in accordance with the individual’s rights.
Chief Superintendent of Police (CSP), Dr Herbert Gustav Yankson, Head of Cyber Crime Unit of the Police CID said the exercise was necessitated after discussions with the companies and education with the stakeholders about the Act.
He said their outfit realised that most of the companies in the country had not adhered to the provisions of the Act especially with registration and that the exercise was crucial because the companies processed individual data which were sensitive for protection.
CSP Yankson said companies such as Malls and Supermarkets were part of the exercise because the used CCTV cameras at their various shops as security measure and there was the need to know how those information are protected since it involved the privacy of individuals.
He said the Commission and CID unit would continue the exercise across the country until all organisations complied with the Commission’s Act.