251 data controllers to be prosecuted for defaulting – Dir of Data Protection C’ssion

Executive Director of the Data Protection Commission, Patricia Adusei-Poku has said data controllers who have defaulted risk prosecution if after 14 days they refuse to oblige.

Speaking to journalists after submitting a list of 251 defaulting data controllers, Madam Adusei-Poku noted that the Department of Public Prosecution will begin legal process to retrieve ¢1.5million from the defaulters.

According to her, the 251 data controllers represent 2.5 percent that have flouted the Data Protection Act 2012 Act 843 by refusing to register with the commission since the passage of the Act.

“After our engagement with her today, she has discussed and agreed with us that we give one last opportunity by actually establishing the fact that they are aware of this obligation by writing to them and quoting section 56 which gives us the power to prosecute them if they are defaulting.

“So we’re going to issue section 56 letters to all these defaulting institutions and give their key decision makers a chance to respond to the defaulting charge that we have against them,” Patricia Adusei-Poku told journalists on Wednesday morning.

The Data Protection Commission (DPC) is a statutory body established under the Data Protection Act, 2012 (Act 843) to protect the privacy of the individual and personal data by regulating the processing of personal data, choices of technologies and integrity of people with access to personal data. The Commission provides for the process to obtain, hold, use, or disclose personal information and for other related issues bordering on the protection of personal data.

READ ALSO:  Robbery at Wassa Akropong Goil Filling Station leaves one dead; MCE vows to find perpetrators

Since Ghana’s digital transformation agenda kicked off, the Commission has been very keen in making public the mandates under the act for both Data Controllers and rights of Data subjects.

Entering the enforcement phase of compliance with the act, the DPC issued has from the beginning of the years issued notice letters to various companies cautioning them to register with the commission or risk facing the law. While some Data Controllers stepped up to comply with the Act other remained adamant to the cautions.

By Laud Adu-Asare