Jump to content

Cybersecurity Act, 2020 (Act 1038)

From The Legal and Regulatory Framework of Ghana
Revision as of 14:29, 16 August 2024 by Oblitey (talk | contribs) (Created page with "==ARRANGEMENT OF SECTIONS== ''Preliminary'' :1. Application ''Cyber Security Authority'' :2. Establishment of the Cyber Security Authority :3. Objects of the Authority :4. Functions of the Authority ''Governance of the Authority'' :5. Governing body of the Authority :6. Functions of the Board :7. Tenure of office of members of the Board :8. Meetings of the Board :9. Disclosure of interest :10. Establishment of committees :11. Allowances :12. Policy directives :13. Joi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

ARRANGEMENT OF SECTIONS

Preliminary

1. Application

Cyber Security Authority

2. Establishment of the Cyber Security Authority
3. Objects of the Authority
4. Functions of the Authority

Governance of the Authority

5. Governing body of the Authority
6. Functions of the Board
7. Tenure of office of members of the Board
8. Meetings of the Board
9. Disclosure of interest
10. Establishment of committees
11. Allowances
12. Policy directives
13. Joint Cybersecurity Committee
14. Functions of the Joint Cybersecurity Committee

Administrative Provisions

15. Appointment of Director-General
16. Functions of the Director-General
17. Secretary to the Board
18. Appointment of inspectors
19. Functions of inspectors
20. Appointment of other staff
21. Divisions of the Authority
22. Internal Audit Unit

Financial Provisions

23. Funds of the Authority
24. Bank account of the Authority
25. Borrowing powers of the Authority
26. Expenses of the Authority
27. Accounts and audit
28. Annual report and other reports

Cybersecurity Fund

29. Establishment of the Cybersecurity Fund
30. Object of the Fund
31. Sources of moneys for the Fund
32. Bank account for the Fund
33. Management of the Fund
34. Disbursement from the Fund

Critical Information Infrastructure

35. Designation of critical information infrastructure
36. Registration of critical information infrastructure
37. Withdrawal of designation of critical information infrastructure
38. Management and compliance audit of critical information infrastructure
39. Duty of owner of critical information infrastructure
40. Access to critical information infrastructure

National and Sectoral Computer Emergency Response Teams

41. Establishment of the National Computer Emergency Response Team
42. Functions of the National Computer Emergency Response Team
43. Responsibility of the Authority relating to response to cybersecurity incident
44. Sectoral Computer Emergency Response Team
45. Cybersecurity incident monitoring and response system
46. Early warning system

Cybersecurity Incident Reporting

47. Duty to report cybersecurity incident
48. Cybersecurity incident point of contact

Licensing of Cybersecurity Service Providers

49. Licensing of cybersecurity service providers
50. Application for licence
51. Grant of licence
52. Non-transferability of licence
53. Validity and duration of licence
54. Suspension of licence
55. Revocation of licence
56. Review of decision of Authority

Accreditation and Certification

57. Accreditation of cybersecurity professionals and practitioners
58. Certification of cybersecurity products and technology solutions

Cybersecurity Standards, Enforcement and Education

59. Cybersecurity standards and enforcement
60. Cybersecurity public awareness and education
61. Research and development programme

Protection of Children Online

62. Indecent image and photograph of a child
63. Dealing with child for purposes of sexual abuse
64. Aiding and abetting of child dealing for purposes of sexual abuse
65. Cyberstalking of a child
66. Sexual extortion

Other Online Sexual Offences

67. Non-consensual sharing of intimate image
68. Threat to distribute prohibited intimate image or visual recording

Cybersecurity and Investigatory Powers

69. Application for production order of subscriber information
70. Issue of production order for subscriber information
71. Application for interception of traffic data
72. Issue of interception warrant for traffic data
73. Application for interception of content data
74. Issue of interception warrant for content data
75. Duration and extension of a production order or an interception warrant
76. Interception capability
77. Retention of data

Realisation of Property

78. Freezing of assets
79. Realisation of property
80. Utilisation of proceeds of realisable property

Industry Forum

81. Establishment of Industry Forum
82. Industry code

Miscellaneous Provisions

83. International co-operation
84. Immunity of members of the Authority
85. Cybersecurity Risk Register
86. Request for information
87. Blocking, filtering and taking down illegal content
88. Co-operation
89. Oath of Secrecy
90. Trial court and procedural powers
91. Guidelines
92. Directives
93. Administrative penalties for contraventions
94. Unlawful access
95. General penalty
96. Regulations
97. Interpretation
98. Repeals and savings
99. Consequential amendments
100. Transitional provisions

SCHEDULES

FIRST SCHEDULE - Cybersecurity Services
SECOND SCHEDULE - Table of Administrative Penalties
THIRD SCHEDULE - Oath of Secrecy
Retrieved from "https://legal.ghanainfocentre.com/index.php?title=Cybersecurity_Act,_2020_(Act_1038)&oldid=677"