Data Protection Centre cries for resources - Director
The Executive Director of the Data Protection Commission (DPC), Ms Patricia Adusei-Poku, says inadequate funding is hampering the work of the commission.
She said the commission had sometimes risked its integrity by appealing to some companies and institutions for support.
“These are companies we have been mandated to check on, and now we are appealing to them for support. How can we compel them to comply with the law?” she asked.
In an interview with the Daily Graphic in Accra last Wednesday, Ms Adusei-Poku said the commission had largely relied on internally generated funds, which she said was quite limiting for an up-and-coming institution like theirs.
The DPC is an independent statutory body under the Ministry of Communication and established through the Data Protection Act, 2012 (Act 843) to protect the privacy of individuals and personal information by regulating the processing of personal information while empowering individuals to effectively protect their personal information.
When the Act was established in 2012, the country received several commendations from international bodies, including Microsoft, for being among a few countries in Africa to establish a law to protect personal data.
However, more than six years after its establishment, the commission is yet to initiate any prosecutions because it found out that many organisations were still unaware of the law and the responsibilities on them.
Ms Adusei-Poku said as an institution which had been tasked to regulate the processing of personal information, the job would have been more effective if the commission had experienced personnel who were well-vested in the knowledge of data protection to be able to determine if a company was not complying with the rules.
She said due to inadequate state funding, the commission could not employ qualified persons because it could not afford to pay them, stressing that the commission had to rely on national service persons who pass through the system.
“Now we have to start from scratch and train these people. What if they complete their service and decide to leave? It means we have to take a new set of people and start all over again,” she lamented.
Ms Adusei-Poku said most companies and institutions in the country had limited knowledge about data protection, and that the commission had to make sure that every company had at least one person who was an expert in data protection.
“Such activities involve money because we have to move with cars and they need to be fueled.
This has become a huge challenge to us because this is a new establishment and until people are trained to understand it we cannot enforce the law,” she said.
She said the challenges notwithstanding, the commission had made some strides in the effort to protect personal information in the country.
She mentioned that so far over 60 government agencies in the country now had trained staff on data protection, and that they had deployed several trained Nations Builders Corps (NABCO) staff to some companies across the country to help them to comply with the Act.
The executive director said Ghana would this year host the International Conference of Data Protection and Privacy Commissioners (ICDPPC), a global forum for data protection authorities around the world, which she said was going to provide several opportunities for the country, including international recognition.