Ghana: Ministry of Communication, Digital Technology and Innovations closes consultation on Data Protection Act, 2025 including data protection regulation

On 31 October 2025, the Ministry of Communication, Digital Technology, and Innovations closes its consultation on the Data Protection Act, 2025, including data protection regulation. The Act would establish a set of data protection principles to be observed by controllers and processors, including accountability, lawfulness, data quality, and data subject participation. Explicit data subject consent is required for processing. The Act would further mandate limits on data retention, enshrine data subject ownership, require data protection impact assessments where processing is likely to pose risks to data subjects, legitimate interest assessments, and data protection by design. The Act would also establish a range of data subject rights, including access, data portability, erasure, and specific rights in relation to direct marketing, election campaigns, and automated decision-making. Processing a child’s personal data would require the consent of a parent or legal guardian. Special personal data, including data belonging to children and pertaining to religious, ethnic, or other sensitive categories, would be prohibited unless specific requirements set out by the Act were met. Data controllers would be required to appoint a data protection officer.