Creating An Enabling Legal Framework For E- Government : Where are we as a nation?

INTRODUCTION
E-government may mean different things to different countries depending on their level of economic development and therefore different lenses being used in assessing the effective and efficient use of ICT in delivering government business. A country that has an already developed ICT infrastructure and computerised government back office processes will have a different view about e-government that may be more service delivery bias to a country running a manual government back office which will be more oriented towards automation of the back office processes. The definitions of e-government can therefore be said to be within a continuum of automation of government internal business to an external interaction with its citizens. This has broadly been re-categorised by Timothy Waema Professor, School of Computing and Informatics, University of  Nairobi, Kenya) into e-administration, e-services and e-society and in practice it may be possible for different government bodies to be at a different category depending on vision, leadership and the political will in place.   
For the understanding of what e-government is and purposes of this article I would choose two definitions that in my opinion explain the narrow and broad meanings of e-government. 
Narrow Definition
The narrow definitions seem to concentrate on the mere automation of traditional public service delivery systems that is taking the traditional manual service online by way of electronic service.
‘E-government is the application of Information and Communication Technology (ICT) by government agencies’  UNDP (2001)
Here ICT is seen as a panacea, an end in itself in that once ICT is applied to government business there should be some gains in terms of efficiency. I however doubt if without the needed change management, culture re-alignment and capacity building this would be achieved.


Broad Definition
This encompasses a transformational effect of new processes and using ICT to address transparency in  public sector delivery. A new way of Government -to-Citizen relationship.
‘the use of information and communication technology in public administrations combined with organisational change and new skills in order to improve public services and democratic processes and strengthen support to public policies’ (Europe’s Information Society, 2004)

Here ICT is seen more as a means to an end, an enabler, transformer and a tool to be adopted by government to achieve its transformational goal. The “e” in the government is therefore a necessary but not sufficient ingredient in the transformational process.
Legal Framework
There seem to be no single omnibus model legal framework for e-government development though some countries such as France , Finland and Italy have attempted to put in place specific and clear legislation to promote the use of electronic data transmission in public services delivery. These are however complemented by other general e-commerce legislations.  Other countries such as Estonia and the United Kingdom (UK) at the moment have no overall e-government legislation but have either amended some of their laws and created new ones that facilitate business (both public sector and private sector) in the digital platform. The three main legal issues as indicated by Roland Amoussou-Guenou ( a regional expert on legal cooperation in the Association of Southeast Asian Nations)  with respect to e-government implementation are ‘trust and confidence, legal validity and remedies available.’ It is therefore not enough to declare legal validity of e-government by way of legislation but then there must be trust and security in the delivery of public service. This according to him requires protection of personal data, authentication, identity management, privacy and data protection, network and information security and the fight against cybercrime. 
I intend to look at the “effort” by way of legal framework Ghana is putting in place to build the needed trust and security in the delivery of public service. Though I have my opinion on the extent of the “effort” that is by way of content, this article is about the process not content and to determine whether we are on the right path.   

 GHANA’S E-GOVERNMENT LEGAL FRAMEWORK
There seem to be no specific detailed e-government legislation in Ghana. At the moment, as per my research findings,  there are five  laws that have been passed to regulate ICT development in the country in general and these will need to collectively create the enabling regulating environment for the country’s e-government development.  These are :
§  National Communications Authority Act 2008, Act 769  (NCA 2008)
§  The National Information Technology Agency 2008 , Act 771   (NITA 2008)
§  The Electronic Communications Act of Ghana 2008, Act 775   (ECA 2008), supplemented by the National Communication Regulation 2003 (L.I 1719).
  • The Payment Systems Act 2003, Act 668
  • The Electronic Transactions Act of Ghana 2008,  Act 772  (ETA 2008)
The Electronic Transaction Act 2008 (Act 772), is a composite, omnibus, all embracing Act covering anything to do with the use of electronic communication and transaction and therefore can be said to be the main legal framework that seems or is intended to address the legal concerns and issues relating to e-government.
Whilst the other Acts deal with other enabling legal issues in ICT development  in general,  Sections 25 to 27 of Act 772, deals specifically with e-government services and basically provides that public bodies amongst others:
·         Arrange to carry out their functions electronically or online
·         Accept electronic filing of documents
·         Accept payment electronically
This vision seems to align more with the minimalist approach of a narrow definition which I would say is okay for now as long as we have the broad approach in focus as the desired future state.


VALIDITY, INTEGRITY AND AUTHENTICITY  OF  ELECTRONIC DOCUMENTS
Under ETA 2008 (ACT 772), Ghana has given legal recognition to electronic information subject to certain exclusions as satisfying the requirement of where the law requires documents to be in writing and where information needs to be retained or presented in its original form it is also satisfied by an electronic record once there is reliable assurance of the integrity of the electronic record and is capable of being displayed to the person to whom it is to be presented. Integrity according to the Act refers to  ‘…whether the information has remained complete and unaltered…’ Electronic records have also been made admissible as evidence in court proceedings.  These provisions are intended to resolve the legal challenges with respect to original documents, keeping of electronic records and its evidence in court proceedings as well as general acceptance of electronic documents.
The use of digital and/or electronic signatures has been given legality with respect to the  authentication and validity of electronic documents under the ETA 2008 (Act 772).
From the above, it can be said that the validity, integrity and authenticity of electronic documents should “ceteris paribus” not be an issue with respect with dealing with government which is a good development.
PROTECTING DATA AND DATA SUBJECTS
At the moment, there is no well defined, distinctive legal framework for protecting data and data subjects, however certain sections of some of the ICT related legislation attempt to address some of the issues but not in a holistic and comprehensive manner. Citizens communicating with government (G2C or C2G) through the electronic platform, will need the assurance that there is protection for data held on them by all connected players participating in this electronic platform that facilitate what can be called e-relationship. Without the assurance the diffusion of government e-services will be a challenge.
Under the National Communication Regulations 2003 (LI 1719)  with regards to Privacy and secrecy of communication,  it states that:
Operators must employ international best practices in the industry to promote privacy, secrecy and security of communications carried or transmitted by them or through their communications system and of the personal and account data related to their subscribers’.
What is meant by ‘international best practice” is however ambiguous. What if there is a breach?. What redress or rights do the subscribers have as data subjects if the ‘international best practice’ is not followed. Who determines the international best practice and what the benchmark is.
Under the ETA 2008(Act 772) , financial institution are prohibited from disclosing the list and details of holders of electronic payment medium to third parties without their prior written consent or by court order. This is good protection for data subjects and when breached the law makes each director and officer of the institution who failed to comply liable to penalty points or a maximum imprisonment of not more than five years.
This is punitive enough for the financial institutions to put in the needed protecting of data but what rights does the customer (data subject) have against the financial institution(data controller) aside falling on normal banking laws relating to the duty of secrecy owed by the bank to its customer. If Act 772 intends to protect the data subject then it needs to be comprehensively done if not then though the attempt made in Section 52 is laudable it seems to be already protected under normal laws relating to banking.
Government agencies such as the internal revenue service, security and hospitals may hold very sensitive personal data on citizens in electronic form as a result of e-government business and this poses a risk if not protected technically and legally.  Section 55 of Act 772, gives the Minister responsible for the administration of the Act, the right to declare ‘a computer, computer system or computer network’ used by certain government agencies as well as banking and financial institutions as a ‘protected system’ and therefore makes it an offence punishable by a summary conviction to a fine or maximum of ten years or both if an unauthorised attempt or access is gained to such ‘protected system’ or related electronic record.
Under section 56 of Act 772, certain classes of information which are of importance to the protection of the national security of the Republic or the economic and social well being of its citizens have been given special protection as “critical databases”.
These gives some confidence that special legal protection has been given to sensitive personal data but then what rights have the data subjects against the owners of the declared ‘protected systems’ or administrators of the ‘critical databases’ who may be data controllers against  negligence in not physically and technically securing their systems.  What is needed to address this gap is a specific Data Protection Act to give legal rights to data subjects.
ONLINE CONTRACTING
Section 11, Contracts Act 1960 (Act 25) states:
Subject to the provisions of any enactment, and to the provisions of this Act, no
 contract whether made before or after the commencement of this Act, shall be
void or unenforceable by reason only that it is not in writing or that there
 is no memorandum or note thereof in writing.

Section 5, ETA 2008 (Act772) as stated earlier gives recognition to writing in electronic form hence under the Ghanaian electronic legal framework, e-mail, online or electronic contracting (e-contracting) has been acknowledged since it cannot be void or unenforceable by reason only that it is not in writing in the traditional sense. This obviously is a good development for e-government development.
CYBER CRIME. COMPUTER CRIME AND RELATED FRAUD
This is an area that has been comprehensively treated by way of offences relating to cyber crime and computer crime. It also gives credence to offences relating to the use of electronic medium or form under various laws in Ghana which is positive. Under S123 of Act 772 it states that:
Except as provided for in this Act, any offence under a law which is committed in whole or in part by the use of an electronic medium or electronic form is deemed to have been committed under that Act and the provisions of that Act shall apply with the necessary modifications to the person who commits the offence
Sections 107 to 115 of Act 772, modifies various sections of the Criminal Offences Act 1960 (Act 29) that deal with stealing, crimes, forgery and related criminal offences to include anything done ‘electronically’ hence bringing criminal offences within the digital platform. This is another positive development for e-government.
ACCESSING GOVERNMENT INFORMATION
Access to government information in my opinion is most critical for e-government development as it is the cornerstone for transparency and public accountability in the broad definition of e-government.  Though the ETA 2008 (Act 772)  makes it possible for government functionaries to carry out their functions electronically or online there is no obligation for these bodies to proactively publish information on their websites or make information available to the tax payer once demanded by way of accountability.
A Freedom of Information Bill is currently being worked on which is hoped will amongst others oblige government bodies to readily make available or publish information they hold and to give the general public the right to know what information is being held by these bodies.  
There has been a lot of government inertia in getting the Bill passed as it is power in the hands of the people and away from politicians. I have likened this to husbands being asked to pass a law that allows wives to request for information on how their husbands use their salary and where they go or do after work as well as gifts they have purchased for their female friends with receipts. Big wahala! but again wives could say if husbands have nothing to hide this should not be an issue. Yes, as husbands we have nothing to hide (really?) but will not pass it in a hurry unless wives agree on certain exceptions and fully understand what we are giving away.  This to me seems to be the dilemma now with the Freedom of Information Bill.

ON-LINE PAYMENT SYSTEMS
Under the Payment Systems Act 2003, Act 668  the Bank of Ghana (Central Bank) has been empowered amongst others to:
‘establish, operate, promote and supervise payment, funds transfer, clearing and settlement systems subject to such rules as it may publish; and ‘designate any other payment, funds transfer, clearing and settlement systems operating in the country, which the Bank considers to be in the public interest to supervise’
It also provides for the admissibility of electronic evidence in the law courts.
The development of mobile money and  ezwich  is also positive towards developing a transaction phase for e-government and though the ETA 2008 (Act 772) has aspects that deal with ‘electronic payment medium’ in general and mostly with respect to offences and misuse there seem not to be an explicit legal framework for the regulation, rights and obligations of issuers and users of e-money to facilitate this  “transaction phase”.  This is a critical phase which may give room to unregulated models that may impact on money supply if not specifically regulated.
The interpretation of an “electronic payment medium” given by Act772 is:
includes any medium issued to a holder capable of being used to make an electronic financial transaction.
                If this includes especially e-money and other card based transactions such as credit and debit cards then a much more comprehensive framework is needed to give confidence, protection and security to the holder for the diffusion of such means of payment as allowed by the e-government provisions in the Act
PRIVACY AND ANONYMITY
Though Article 18 (2)  of the Constitution of Ghana seems to be the main protection with respect to right to privacy and anonymity,  S96 of Act 772 specifically, gives some privacy protection except as provided in the Act to the citizens of Ghana when it comes to electronic communication in that:
any person or entity that provides an electronic communication service and remote computing service to the public shall not knowingly divulge the contents of a communication while in electronic storage by that service to any person or entity.
Again under S102 of Act 772, unless under Court order or written consent of the subscriber or customer, it is an offence by an electronic communication provider or a remote computing service to disclose a record or information of a customer or subscriber.
The Act does not however define what an ‘electronic communication service’ or ‘remote computing service’ is but the two terms seem to be broad enough to encompass any government agency providing e-services.
An area that is not clear with respect to protection of privacy is S96 (2d) of Act 772where it provides that :
 a person or entity may divulge the contents of a communication to a person employed, authorised or whose facilities are used to forward the communication to its destination 
The spirit behind the above section does not come out clear. Should a person employed, authorised or whose facilities are used to forward the communication to its destination necessarily know the contents of the communications? Under what circumstances would there be the need to divulge the contents of the communications to for example an employee of a provider whose facilities is being used to forward the communication to its destination. The meaning of ‘electronic communication service’ or ‘remote computing service’ as used in the Act would make it clearer
CONCLUSION
Generally, it seems as a country Ghana is has made efforts to put in place the needed legal framework for the development of e-government. In terms of process, we are on the right path though there are areas that need to be addressed to complete the process of trust and security such as passing a Freedom of Information Act (FOIA), Data Protection Act(DPA) and possibly an E-Money Act to support the transactional phase of e-government.
In enabling the legal environment, Ghana seems to have adopted a “producer centric approach” with a  bias of protecting the establishment of the digital platform against crime, fraud and misuse as against a “customer centric approach” of protecting the user of the digital platform. At the moment the Ghanaian approach may be understandable since there is the need to build confidence, safety and security in the technology itself and then perhaps with increased diffusion protect the users and control the providers. The dilemma is however whether users (citizens) would want to be protected and providers controlled before using the digital platform whereby as a country, e-government by way of the technology would be very much feasible and deployable but not being used by way diffusion until the minimum expected legal framework (DPA and FOIA) is completed.
With respect to content of the legal framework, in my opinion, there exist some ambiguities that will require what I will call savvy  e-lawyers and e-judges  when it comes to e-disputes but that is a different issue. So far so good as they say.

Comments

Post a Comment

Popular posts from this blog

LEGAL ISSUES IN E-COMMERCE WEBSITE DEVELOPING IN GHANA: OWNER BEWARE

Introduction Website presence in the new global village will become a “sine qua non” in conducting business if Ghanaians want to take advantage of the digital platform.   The first point of call in wanting to do this is to approach a website designer with some ideas on how you want the site to look like and the features you expect to see. Design functionality and aesthetics most invariably are the issues the developer becomes pre-occupied with but there are legal issues to contend with especially more so when the website is accessible to anybody, anywhere and at anytime. The Electronic Transactions Act 2008(Act 772) however gives directions as to how website developers can resolve these legal issues. I intend to raise the legal issues in website designing and attempt to give some indications as to what functionalities and best practice may be needed to satisfy the law   Legal Issues in Trading Through A Website There are a lot of legal considerations when designing a website and th
Read more

IMPLEMENTING THE FREEDOM OF INFORMATION ACT: ARE WE EXPECTING TOO MUCH TOO SOON?

INTRODUCTION Information flow between government and its citizens was deemed by Rt Hon Jack Straw (a UK MP) to not only empower the people but to promote a “vigorous and robust democracy”.   The Right to Information Act, 2019   except under certain exemptions is intended to give the public the “right to know” the type of information held by public bodies. It is an attempt for “greater transparency, accountability and engagement” in government business and should “transform the culture of Government from one of secrecy to one of openness ” . In the UK for example, it led to the resignation by Michael Burgess as coroner for the late lady Diana’s inquest; it led to the disclosure of detailed breakdown of MPs travel expenses after an initial plan by ministers to exempt such disclosure; it led to World Development Movement (WDM) getting information relating to the biggest carbon dioxide polluters in the UK which before the Act would not have been readily available. There is the argu
Read more

ELECTRONIC SIGNATURES AND DIGITAL SIGNATURES: HAS GHANA GOTTEN IT MIXED UP UNDER THE ELECTRONIC TRANSACTIONS ACT 2008 (ACT772)?

INTRODUCTION In my opinion there is a distinction between an “electronic signature” and a “digital signature” and I stand to be corrected but Act 772 seems to be referring to “electronic signatures” whilst talking about “digital signatures” or vice versa and this gets me confused. My understanding of “electronic signature” is that it is data in electronic form which can be attached to, or logically associated with other electronic data and which serve as a method of authentication. This therefore means that the following may fall under electronic signatures: A hand signed signature in ink, scanned and electronically delivered Electronically typed (Computer) signature and electronically delivered An electronic typed name and electronically delivered An electronic symbol that is electronically delivered The above attached to an electronic document may not be a safe way of authenticating a document but acceptable as long as the signatory accepts having signed the document. After a
Read more