Friday, September 30, 2016
Enforcement of DP Law Begins in Ghana; Implementation Moves Forward in the Philippines and Turkey
Ghana’s Data Protection Commission (DPC) has begun taking enforcement actions against data controllers who fail to register as such, as required by the Data Protection Act 2012. The DPC began the registration process in April 2015, and some 500 controllers have registered their data processing activities since that time. Failure to register, which is the first step in demonstrating compliance with the law, is a criminal offense which can result in both a fine and imprisonment for up to two years. The chair of the DPC, Teki Akuetteh Falconer, attributed the slow take-up to “a general environment of apathy towards laws in our society and a lack of awareness on the value data protection can bring.” In other countries in which the movement towards effective data protection laws has been long and drawn-out, on September 9 the National Privacy Commission of The Philippines finalized and issued implementing rules and regulations for the country’s Data Privacy Act of 2012, and Turkey will be establishing its Data Protection Authority on October 7, at which time the most significant provisions of its data protection law will come into effect.