Ghana DPA

Data Protection Act 2012 (Act 843)

Ghana's comprehensive data protection law establishing data subject rights including right to prevent automated decision-making and requiring breach notification.

Jurisdiction

Ghana

Enacted

May 16, 2012

Effective

Oct 16, 2012

Enforcement

Data Protection Commission (Ghana)

Ghana Data Protection Commission

Why It Matters

Ghana's Section 41 automated decision-making rights apply directly to AI chatbots making risk assessments or providing recommendations.

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Requires

Transparency User Rights Data Minimization

Who Must Comply

Data controllers and processors in Ghana
Entities processing personal data of Ghanaian residents
Automated systems processing personal data

Obligations fall on:

Safety Provisions

Right to prevent processing for automated decision-making (Section 41)
Breach notification required
Data controller registration with Data Protection Commission
Security safeguards for personal data
Sensitive data requires explicit consent

Compliance & Enforcement

Penalties

GHS 25K; criminal (up to 3yr)

Criminal liability

Primary Source

Ghana Data Protection Commission

https://www.dataprotection.org.gh/

View on map

Ghana

Focus Areas

Mental health & crisis

Algorithmic accountability

Cite This

APA

Ghana. (2012). Data Protection Act 2012 (Act 843).

Related Regulations

In Effect ZM

Zambia DPA

Zambia's comprehensive data protection law with special protections for vulnerable persons and DPIA requirements for high-risk processing.

In Effect BW

Botswana DPA

Botswana's modernized data protection law requiring Data Protection Impact Assessment and establishing age 16 for consent.

In Effect SC

Seychelles DPA

Seychelles' modern data protection law requiring DPO for large-scale processing and recognizing Cross-Border Privacy Rules certification.

In Effect RW

First African country to adopt comprehensive national AI policy. Establishes Responsible AI Office (RAIO) under MINICT. Implements RURA ethical guidelines covering beneficence, non-maleficence, autonomy, justice, explicability, transparency. Non-binding framework.

In Effect CN

China CSL Amendments

First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.

In Effect US-CA

CA SB 524

Requires law enforcement agencies to disclose when AI is used to write or assist in creating official police reports, maintain audit trails, and preserve AI-generated first drafts.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.