Accra, Ghana – The Ministry of Communications, Digital Technology, and Innovations (MOC) has proposed a sweeping overhaul of Ghana’s digital sector through a new draft bill aimed at transforming the National Information Technology Agency (NITA) into a broad regulatory authority. The controversial draft, which has drawn sharp criticism from industry professionals, seeks to implement mandatory licensing for ICT businesses and professionals, introduce citizen-only ownership qualifications for licenses, and grant NITA extensive enforcement powers, including business closure and asset seizure.
Context: A Shift in NITA’s Mandate
The proposed National Information Technology Agency (NITA) Bill represents a significant departure from NITA’s current role as a coordinating ICT agency. The MOC’s ambition appears to be a wholesale revamp of digital sector governance, extending NITA’s purview to encompass ICT infrastructure, cloud services, software-as-a-service (SaaS) platforms, public sector technology procurement, professional certification, business operations, mergers, ownership structures, standards, audits, and even the architecture of government digital infrastructure.
While the need for improved standards, accountability, and incentives for local innovation in Ghana’s digital space is widely acknowledged, critics argue the draft bill overreaches by venturing into areas where the country lacks policy experience, potentially stifling growth rather than fostering it.
Mandatory Licensing and Ownership Restrictions Fuel Debate
At the heart of the controversy is Section 35 of the draft bill, which mandates that no person can engage in business or related activities within the ICT sector without a license from NITA. This includes the installation of ICT infrastructure, development or provision of ICT products and services, and other activities deemed to require licensing or certification.
Section 36 outlines the broad categories of entities subject to licensing, such as public and commercial ICT infrastructure providers, cloud hosting services, SaaS providers, government digital service partners, and national digital platform operators. Penalties for non-compliance include fines and potential imprisonment.
Perhaps the most contentious provision is Section 37, which stipulates that license applicants must be adult Ghanaian citizens or companies “wholly owned by a citizen.” This clause has been heavily criticized for potentially excluding foreign investment, remote expertise, and non-citizen co-founders, which are often crucial for startup growth and international collaboration in the tech sector. Critics argue this could make it illegal to engage remote experts for systems deployed in Ghana, mirroring a scenario that could have hindered innovation in tech hubs like Silicon Valley.
Certification of ICT Professionals Under Scrutiny
Section 46 of the bill proposes that individuals cannot be appointed as ICT professionals in either public or private institutions unless they are certified by NITA, which will determine the certification criteria and procedures. This has raised questions about the definition of an “ICT professional” in a field with diverse specializations.
Unlike professions like nursing, engineering, or accounting, “ICT professional” is seen as a broad and loosely defined term. International classifications, such as the International Standard Classification of Occupations (ISCO) and Eurostat, list numerous distinct roles within the IT/ICT umbrella, including software developers, network architects, cybersecurity analysts, and data scientists. Critics question whether the government intends to license every individual involved in tasks ranging from website development to data analysis.
Industry experts suggest a more targeted approach, focusing on critical functions such as management of critical public digital infrastructure, financial services cybersecurity auditing, Tier II & III data center operations, public hospital digital health network administration, and public ERP procurement readiness certification. Such a regime, they argue, should be industry-led, similar to practices in accounting, rather than centrally managed by the civil service.
Existing Legal Frameworks and International Lessons
Critics point out that Ghana already has legislation that addresses certain aspects of the digital sector. The Cybersecurity Act establishes a licensing and accreditation regime for cybersecurity service providers due to the systemic risks involved. The Data Protection Act regulates the handling of personal data, requiring registration and imposing security obligations on data controllers and processors.
Furthermore, the Engineering Council could potentially expand its scope to include software engineering. The draft bill’s proponents are urged to review the effectiveness of these existing laws and address any identified gaps before introducing new, overlapping regulations.
International examples also provide cautionary tales. Nigeria’s broad computer professional registration law has not significantly boosted its tech sector, often devolving into gatekeeping and credential signaling. Canada’s approach, while more focused on specific engineering titles, still grapples with mapping traditional professional engineering concepts to modern tech roles. The United States’ attempt to introduce a software engineering PE exam was discontinued due to low participation.
AI and the Informal Sector: Unforeseen Challenges
The rapid advancement of Artificial Intelligence (AI) further complicates the notion of licensing based on professional identity. AI tools are increasingly used by individuals without traditional technical backgrounds to generate code, design interfaces, and automate workflows. This diffusion of technical production across the economy makes it increasingly difficult to define and license “ICT professionals” based on traditional roles.
Moreover, the draft bill’s stringent licensing requirements could disproportionately affect Ghana’s informal ICT sector, which includes laptop repairers, phone technicians, CCTV installers, and small network providers. Aggressive enforcement could increase costs, drive these activities further underground, foster corruption, and reduce access to affordable hardware support, particularly in rural areas. It could also lead to increased e-waste if repair markets are significantly chilled.
Broader Economic and Trade Implications
The citizen-only ownership clause is seen as potentially devastating for Ghanaian startups seeking foreign venture capital, non-citizen co-founders, or employee stock options for non-citizens. This could create significant friction with regional and continental trade agreements like ECOWAS free movement principles and the African Continental Free Trade Area (AfCFTA).
The bill also risks creating a complex web of overlapping regulations, with NITA, the Cybersecurity Authority, the Data Protection Commission, the Bank of Ghana, and others potentially regulating the same digital products and services. This could significantly increase the cost and complexity of doing business in Ghana’s tech sector.
The extensive enforcement powers, including criminal offenses and administrative penalties, could inadvertently chill innovation and discourage incident reporting. Overregulation, paradoxically, might weaken cybersecurity by pushing smaller operators to avoid registration and reporting requirements.
Recommendations for a Path Forward
Industry stakeholders advocate for a revised bill that focuses on regulating specific high-risk activities rather than broad professional categories. Key recommendations include:
- Replacing the blanket ban with a schedule of licensable high-risk ICT activities.
- Restricting mandatory certification to clearly defined risk-critical roles, particularly in the public sector.
- Introducing exemptions for employees performing internal work, students, hobbyists, and small businesses below defined thresholds.
- Replacing the citizen-only ownership rule with incentives for local capacity building and security vetting for sensitive contracts.
- Limiting transaction approvals to changes of control for high-risk licensees, avoiding regulatory hurdles for ordinary business pivots and restructurings.
- Establishing clear coordination mechanisms between NITA and other sector regulators to avoid duplication of permissions.
- Hardwiring due process protections, including published criteria, fee caps, timelines, and appeal mechanisms.
- Incorporating an AI-specific assurance layer, requiring secure development practices and human oversight for high-risk AI systems.
- Implementing measures to support the informal economy, including transition periods and accessible micro-certification.
- Conducting a thorough regulatory impact assessment before the bill’s commencement.
The MOC is urged to withdraw the current draft and engage in broader consultations with independent tech professionals to develop a law that supports, rather than burdens, Ghana’s nascent technology sector, potentially focusing on improving public ICT procurement practices.
Leave a Reply