The Data Protection Commission will not prosecute the Electoral Commission after a report by the Auditor-General revealed that the Commission had sold voters’ data to a private company without an agreement.
Executive Director of the Commission, Patricia Adusei-Poku in an interview with Joy News said the issue will be handled outside of the court.
“Prosecution is a last resort option, and prosecution is what we usually do when the entity is failing to cooperate with the Commission.
“If entities cooperate with the Commission, we don’t go for prosecution because there is no benefit in that for the masses. What is of benefit to us is that the EC wants to be accountable. That is of more benefit to us than going to court,” she said.
A special audit carried out by the Auditor-General on the Electoral Commission has revealed the Commission sold voters’ data to an Accra-based software development company.
According to the report, the software development company, Bysystem Ltd, bought the data from the EC and further sold them to financial service providers for a fee.
- Four very crucial security policies and tips to keep company networks safe during this pandemic – Read Now!
- Russian millionaire hacker, Yevgeniy Nikulin found guilty for Dropbox, LinkedIn, and Formspring breaches – Read now!
- Flash Sales: Huawei’s new Nova 7i sold out under four hours – Here is the reason for the rush!
- The WannaCry Attack and why Hospitals are still at Risk – Read Now!
- What is IPv6?, How different is it from IPv4 and do I need it? – Here’s everything you need to know!
The Audit on the EC was part of special audits carried out by the Auditor-General on selected state institutions in 2018. The audit report also revealed that there was no agreement between the EC and Bysystem Limited on the sale of voters’ information.
“We further noted that Bysystem Ltd. failed to remit the 20% commission due to the Electoral Commission, in respect of charges for accessing the data, for the 2016 and 2017 financial years,” the report stated.
The EC, according to the report, responded to its findings and stated that “there exists a Memorandum of Understanding (MoU) signed between the commission and Bysystem Limited.”
The Data Protection Commission said it is in talks with the EC concerning the issue.
Adusei-Poku said while a court action may seem tenable, that is not the route the Commission will take.
“We will use all available channels. This is why we want to sit down and talk as the first option because we know that data protection is new to that nation and it takes time to understand what an accountable organisation is so if there are gaps, we will rather sit down and discuss,” she said.
A sanction, in her view, works better under the current circumstances and the Commission will ensure that the right things are done.
She also said the Commission may not prosecute individuals who played a role in the sale of data to the Software Development Agency if the EC complies with their directives.