Data Protection Commission to begin naming and shaming of unlicensed data controllers today

By Justice Kofi Bimpeh

The Ghana Data Protection Commission will on Monday June 19, begin publishing names of institutions which protects data on behalf of people and businesses but are not duly licensed by the commission.

The exercise would enable individuals and the business community  determine data management services that have the required approval to operate.

Executive Director of the Data Protection Commission, Teki Akuetteh Falconer says the move has been necessitated by the apathy and defiance of some data controllers to register with the commission and ensure the right measures are put in place to protect sensitive data in the country.

The Data Protection Act 2012 (Act 843) mandates all public, private, local or international consultants and individuals that collect, hold and use personal data in Ghana, to register with the DPC. Doing so without registration is therefore illegal.

Speaking at a media briefing, Teki Akuetteh Falconer indicated entities that have fallen foul of the law include some Ministries, Departments and Agencies; Municipal, Metropolitan and District Assemblies; public and private organisations; security agencies, airline companies, Law firms, hotels and restaurants, companies, partnerships and trusts, hospitals and clinics, microfinance and insurance companies, accounting and auditing firms, educational institutions, media houses, voluntary groups and associations.

She called on the public to desist from working with non-compliant agencies, companies and individuals to ensure the ultimate goal of strengthening data security is achieved.

The exercise will be done every month to help adequately protect data of individuals and institutions.