Ningo Prampram Member of Parliament Samuel Nartey George has said that there is widespread evidence of multiple breaches of citizens’ personal data in the SIM card registration exercise.
In his view, this is a grave issue in any country.
In a Facebook post, he said “There is widespread evidence that there are multiple breaches of citizen’s personal data during the SIM card registration exercise. A grave issue in any serious jurisdiction.
“Do not forget that I had raised this issue on the 17th of October 2022 and the response from the National Communications Authority Ghana was that they were doing mystery shopping.
“Today, the Director of Legal at the Regulator is not telling us steps taken to check the extent of the breach but is shifting responsibility to citizens to wait for an app to check if they have suffered a breach. Good graces! How low have we sunk as a nation?” parts of the post he shared read.
Below is his full post.
We are in a crisis!
There is wide spread evidence that there are multiple breaches of citizen’s personal data during the SIM card registration exercise. A grave issue in any serious jurisdiction.
Do not forget that I had raised this issue on the 17th of October 2022 and the response from the National Communications Authority Ghana was that they were doing mystery shopping.
Today, the Director of Legal at the Regulator is not telling us steps taken to check the extent of the breach but is shifting responsibility to citizens to wait for an app to check if they have suffered a breach? Good graces! How low have we sunk as a Nation.
The following should be the crisis mitigation steps;
1. The NCA should immediately halt any further registration and conduct a thorough investigation of registration records to have determine how many SIMs have been registered with each unique Ghana Card number.
2. They should then send messages to the primary number associated with each Ghana Card notifying the holder of the number of SIMs registered.
3. Where there is an issue of unauthorised registration using the Ghana Card, the customer is then given a chance to raise a complaint and the Data Protection Commission Ghana is immediately activated to determine the challenges with whichever Data Processor was involved and remedial steps taken including compensation and punitive action on the Data Processor.
4. Based on the findings of the DPC and NCA, criminal charges for identity theft and Data breaches would be brought against the persons or entities involved in the identity theft.
This is what a functional system should commence immediately as a triage of this process which is necessary and commendable but which has been messed up from the get go by poor public policy planning.
