The first ever Africa Data Protection and Privacy Conference is scheduled to take place at the Accra International Conference Center from the 26th to 27th of June 2019. The conference is being organised by the Ministry of Communication through the Ghana Data Protection (DPC) Commission. This was made known by the Commissioner at the DPC, Ms Patricia Adusei-Poku at a media sensitization workshop in East Legon, Accra.
She said that the conference comes at a time when the entire Africa region is at varying stages in their journey towards enacting Data Protection and Privacy laws and establishing authorities in response to the increased use of technology, the pace of digitization and the exponential growth of activity in the global cyber space.
The conference, she said, will focus on contemporary national and global issues such as the alignment between Privacy and Right to Information among others.
Stakeholders scheduled to partake in the conference include The African Union, East African Community, Economic Community of Central African States (ECCAS), Economic Community of West African States(ECOWAS) , Council of Europe, the European Commission among others.
Details From The Workshop
Ms Adusei-Poku explained during the workshop that, since the passage in January 2019, they have looked at the current terrain in the country and the necessary strategies needed to set up the agency's mandate as spelled out in the Data Protection Act, 2012 (ACT 843).
Section 46 of the law says that all companies that collect data must be registered and certified by the commission. Many institutions, both public and private, have however, failed to register with the DPC despite the need to do so.
She noted that government institutions such as the National Identification Authority (NIA) and Controller and Accountant General's Department (CAGD) who have the mandate to collect personal data of individuals(data subjects) have been sensitized to be circumspect in managing data of citizens. All institutions according to Ms Adusei-Poku are to ensure that they use appropriate technology and the right organisational methods to process and store data of subjects as spelled out in Section 28 of the Act.
The Act also states that all institutions must have certification from the Commission and must appoint a data protection supervisor to manage data processing and storage. "Institutions must document policies in a centralized way with regular training and refresher courses organised for staff on how to handle data of individuals. This process will also help to make information available upon request when the Right to Information Act (RTI) comes into full effect.
Ms Adusei-Poku cautioned institutions such as banks that publish personal information of loan defaulters in the media to desist from it as it breaches data protection laws. She also urged media organisations not to publish such information.
She encouraged citizens to let institutions know what they expect from agencies collecting their data and urged them to educate themselves on the law and how it empowers them. "The Commission will work to meet the needs of data subjects including tourists, migrants and citizens by ensuring that their data stays updated and safe" she added.
Deputy Minister for Communication, Mr Vincent Sowah Odotei said that data protection is very important for every nation that wants to develop. He said that securing the cyber space is important because people must trust that the data they give out is safe guarded and that their fundamental human rights are protected.
Government, he noted, is not only interested in digitization of the economy but also interested in protecting the personal data collected. "Data protection is key" he stated.
Mr Sowah added that the RTI is linked to data protection because it is relevant to know what sort of data can be disclosed. He assured Ghanaians that the Commission has been set up in their interest.
Ghana is the fourth African Country to ratify the Malibu Convention on Cyber Security and Data Protection.