Ghana: National Communications Authority closes consultation on Electronic Communications Act, 2025 including cybersecurity regulation

On 14 November 2025, the National Communications Authority closes its consultation on the Electronic Communications Act, 2025, which includes provisions for cybersecurity regulation. Electronic communications and broadcasting service providers would be required to implement technical and organisational measures for network and service security, in line with cybersecurity regulator standards. They would be required to report cybersecurity incidents affecting network integrity or causing service disruption to the Authority and the national cybersecurity regulator within twenty-four hours of detection. Network breaches involving subscriber data would have to be reported to the National Communications Authority within twenty-four hours, with a parallel notification to the Data Protection Commission if personal data is compromised. The Authority, in consultation with the cybersecurity regulator, would enforce minimum cybersecurity standards applicable to all operators and service providers.