According to the Ghana Data Protection Commissioner, Patricia Adusei-Poku, the Data Protection Certificate would be required of new businesses in the country before they can start operations.
The commissioner said businesses in Ghana, both foreign and local, are required by law to register with the Commission for a Data Protection Certificate even before they can be given an operational certificate.
She also said existing business entities should also go for the Certificate else they risk losing their business operating license. Thus, she is notifying the licensing institutions not to renew the operational license of businesses if they do not have the Data Protection Certificate.
The reason for the move is to force all businesses to obtain the certificate. The Commissioner said though the Data Protection Act has been passed and the nation’s president has directed that every business should get registered with the commission but most of the existing businesses don’t seem to be bothered about it.
Thus, the Commission won’t go soft on business entities anymore. Businesses in the country seem to be deliberately ignoring the law, Madam Adusei-Poku thinks.
According to the commissioner, the disregard for the law and absence of the certificate allows organisations to abuse the data (of their Ghanaian customers) they have. This is, therefore, a disrespect to the real owners of the data.
Madam Adusei-Poku said state institutions and private companies alike profit make from the data of individuals. Nonetheless, these business organisations misuse the data thus disregarding any respect for those individuals’ data. And the Data Protection Certificate is one way to protect the citizen.
It is now time for organisations that profit from Ghanaian citizens’ data to be forced to appropriately use the data they have. The commissioner is calling on Ghanaians to demand to know how organisations that collect their data are protecting that data. If possible, the citizens should further demand proof of assurance of protection.