Commission to intensify prosecution of negligent data managers
Data controllers who undertake their duties with negligence or in breach of the Data Protection Law are going to be prosecuted in a joint effort by the Data Protection Commission and the Attorney-General’s Office.
Ms Patricia Adusei-Poku, the Executive Director of the Commission, who issued the warning, said the Commission was ready to enforce the Data Protection Act 2012, (Act 843) this year.
It will therefore, publish the names of data controllers and their businesses in the national dailies for irresponsible conduct, sanction them for failure to register with the Commission as required by law.
Ms Adusei-Poku was addressing a durbar to climax activities marking this year’s Global Data Protection Day, in Accra, on Wednesday.
The occasion was also used to officially outdoor the Commission’s new Secretariat and 2019 Work Plan.
Ms Adusei-Poku said the Data Protection Law took retrospective effect and affected every facet of life, therefore, any data controller, which has not registered with the
Commission stood a high risk of being prosecuted and fined appropriately.
She said with the support of the World Bank, the Commission had secured new software for registration purposes and to provide a road map for data compliance, to be out-doored in April, this year.
The celebration was held under the theme: “A New Chapter in Enforcing Accountability and Empowering Data Subjects”. It was used to take stock of the achievements chalked by the Commission since its inception.
The event attracted heads of stakeholder agencies, including the National Identification Authority, Chamber of Telecommunications, the Audit Service and National Communications Authority.
Ms Adusei-Poku highlighted its work plan for this year, noting that, it would embark on a nation-wide data protection awareness campaign to sensitize the citizenry.
It would focus on the relevance of securing their privacy and the need for data protection controllers to register with the Commission and safeguard the information of individuals.
She announced that the Commission will host the First International Data Protection Conference from June 22 to 28, at the Accra International Conference Centre for the African Network of Data Protection Authorities.
The conference will bring together data controllers, businesses and agencies involved in data gathering, processing and preservation to discuss critical issues pertaining to data privacy and protection.
Some gurus in the industry who have confirmed their participation include Microsoft, Facebook, United Nations Special Rapporteurs, ECOWAS, Common Wealth and Council of Europe and World Bank CGAP.
Ahead of the conference, Ms Adusei-Poku said it had constituted a Youth Committee to spearhead the awareness campaign and appealed to corporate entities, the media and other stakeholders to support the awareness campaign.
She said with the availability of NaBCO personnel, the Commission would scale up its nationwide education to the remote parts of the country to educate them on the relevance of keeping their data safe.
Those activities, she said, were geared towards achieving its three key objectives: Ensuring Transparency; Trust and Transformation in the conduct of business and management of information.
Outlining some successes chalked by the Commission since its inception, the Executive Director said although it was plagued with inadequate staff and financial resources, it was able to train some 60 data controller practitioners and carried out educational campaigns.
Mr Vincent Sowah Odotei, a Deputy Minister of Communications, in an address, said Ghana had been a trailblazer in Africa for enacting data protection law to secure the privacy of the citizenry and letting its voice be heard in the international arena.
Therefore, in line with its national transformation agenda and recognition of the technological advancement, the Government acknowledged the relevance of a legal framework to ensure the growth of the digital economy; balanced with the security and protection of the personal data of people by increasing transparency, fairness and accuracy, he said.
That, he said, the Data Protection Act 2012, (Act 843) was pivotal in striking the balance and promoting economic productivity whilst protecting the rights of individuals as fundamental human rights.
The Data Protection Commission is an agency of the Ministry of Communications mandated to protect the privacy of the individual and personal data as well as enforce the data protection law.