In recent years, Ghana has experienced a rapid expansion of access to the internet and current trends show no sign of slowing down. In January 2016, Ghana opened a multi-million dollar 600-rack National Data Center in Accra, the largest of its kind in West Africa. Fiber optic rings are also being rolled out to interconnect government ministries and provide all sectors of government with internet access. At least 16 million Ghanaians now have some sort of internet access.
While these developments promise tremendous opportunities for growth, they also introduce significant challenges as the pool of inexperienced and uneducated network users multiply. One of the big issues is likely to be cybercrime, defined by the Budapest Convention as intentional actions of illegal access, interception, data interference, system interference, misuse of devices, computer-related forgery, computer-related fraud, offenses related to child pornography, and offenses related to copyright and neighboring rights. These acts come in a variety of forms, and because of the tremendous capacity to do harm, call for immediate action.
Although Ghana has embraced these technological advancements with open arms, it has yet to develop a legal framework to adequately deal with the proliferating problem of cyber security and cybercrime. Ghanaian laws remain antiquated and technical capacities plainly lacking. Confronting the myriad of challenges these issues present will be crucial for ensuring national security, maintaining consumer confidence in the safety of the internet, and strengthening the Ghanaian economy.
Ghana has had prolonged experiences with the effects of cybercrimes. A 2013 report by the US Federal Bureau of Investigation (FBI) ranked Ghana as the second-largest source of cyber fraud and financial scams in Africa. As early as 2010, Ghanaian small and medium-size enterprises reportedly suffered frequent cyber attacks and Ghanaian banks have more recently become the target of hacking. More frighteningly, many cyber attacks go undisclosed, as companies fear that revealing such vulnerabilities would cripple their popular image and undermine profits.
These cybercrimes - both originating from and targeting Ghanaian netizens (A person who is a frequent or habitual user of the Internet.) - has serious implications for the Ghanaian economy. A report by CyberSource Corp, a US payment processor, found that in 2008 over half of US merchants who accepted international orders refused to process purchases from Ghana, citing fraud concerns. Continued perceptions of the insecurity of Ghanaian transactions will hinder key aspects of economic activity, particularly the growth of local credit and payment systems.
For Ghana, these are not simply theoretical concerns. In January 2015, the main government website was taken over by a rogue group of Turkish hackers that blocked access to official information, underscoring in dramatic fashion the need for a more modern approach to cyber security. A future cyber attack could bring the Ghanaian military to its knees.
The Role of Law and the Current State in Ghana
A thorough and strongly enforced legal framework is critical for combating cybercrime. Given the transnational nature of these crimes, however, national laws that fail to consider international standards tend to prove myopic and thoroughly inadequate.15 Moreover, the reality is that many legal systems have not yet developed a modern approach for dealing with cybercrime. Instead, they rely on traditional common law offenses to prosecute the cyber offense counterpart. This poses considerable problems as 19th-century laws were focused more on physical objects and did not address intangibles, such as data or information.
As late as 2013, there had not been a single example of a successful prosecution under the 2008 Electronic Transactions Act - the primary cybercrime legislation - and such trials are still strikingly infrequent. Indeed, the Ghanaian police still report relying on conventional criminal laws on false pretenses to prosecuting cyber offenses, some of which go back to as early as the 1960s.
Recommendations Ghana can take several measures to better equip itself to deal with cybercrime:
Subscribe to the Budapest Convention on Cybercrime and begin the process of harmonizing laws with the rest of the international community. It is necessary in order to remove Ghana from the potential or actual group of criminal safe havens and facilitate global evidence collection efforts. Moreover, the institutional knowledge provided by the convention could prove useful as Ghana embarks on large-scale reforms.
Establish a central agency devoted to researching, articulating, and coordinating cyber security policies. The new agency should develop a framework for implementing internationally recognized cyber security standards, conduct frequent benchmarking of the development of cyber security measures and consider establishing an accreditation process for certifying the preparedness of public and private organizations.
Conclusion
The meteoric rise of information technologies in Ghana is contributing to economic growth and modernization. These changing conditions, however, necessitate a comprehensive reassessment of existing threats and technological vulnerabilities. Developing a thorough framework for dealing with current and future cyber security issues is integral to the economic vitality and national security of Ghana. While progress towards this objective has been made both domestically and regionally, current efforts have proven woefully inadequate. If Ghana is to realize its potential as the “Black Star of Africa,” it must swiftly adapt to a changing world.
Motiwala, Adam. February 2017. Cyber Security in Ghana: Evaluating Readiness for the Future. Policy Brief 1, Accra: KAIPTC.