In this analytical critique, Bright Simons argues that Ghana’s proposed draft NITA Bill represents a dangerous overreach that would transform the National Information Technology Agency (NITA) from a coordinating ICT agency into a sweeping digital-sector regulator with unprecedented powers. Simons warns that the bill goes far beyond licensing IT professionals—it would grant NITA authority over ICT infrastructure, cloud services, SaaS platforms, public-sector technology procurement, professional certification, business premises, mergers, ownership structures (including a controversial citizen-only ownership clause), audits, sanctions, and enforcement powers including closure and seizure of assets. Simons contends that while Ghana certainly needs reforms to address public-sector procurement indiscipline and support local tech innovation, the current draft fails catastrophically by attempting to regulate a dynamic, AI-driven sector through rigid licensing frameworks that do not account for the diversity of ICT occupations—from laptop repairers to AI-assisted developers.

Read the full analysis below.

The Draft NITA Bill Should be Shredded

By Bright Simons

One of Ghana’s veteran business journalists, now based in New York, reached out and asked if I have been following the NITA bill debate. Sadly, I hadn’t. Too much going on.

He pressed, subtly but firmly, so I did.

I appreciate the ambition of the current management at the Ministry. I am sure they want their names in neon above Black Star Square. But there is a serious katanomic odour blowing from the bill they are promoting.

They would do well to assemble a group of truly independent tech folks from the ICT chamber, not just a bunch of their friends, listen hard, talk less, and take the advice. If they did, they would gut that manuscript and return to the drawing board.

Here is why, based on my quick take on the bill.

Bottom line

The Ministry of Communications, Digital Technology, & Innovations (MOC) does not merely appear to be proposing to “license IT professionals.”

The draft NITA Bill is much bigger. The plan is to convert NITA from a coordinating ICT agency into a broad digital-sector regulator with powers over ICT infrastructure, cloud, SaaS, digital platforms, public-sector technology procurement, professional certification, business premises, mergers, ownership, standards, audits, sanctions, and even the structure of government digital infrastructure. It is a wholesale revamp.

No one would have quarrelled with the bill if it had focused on the big problems in the sector: public sector procurement indiscipline and a lack of incentives for R&D and support for local tech innovations.

Ghana certainly needs improved standards and practices in digital assurance, interoperability, and accountability for critical systems (already captured in the “critical infrastructure” policy).

The katanomics arise when instead of learning from national mistakes and proposing workable solutions, one jumps the process to venture into a whole range of areas where the country absolutely lack policy experience.

1. MOC’s Proposals

The draft/consultation bill proposes as follows:

A stronger NITA “Authority”

The Bill would establish NITA as a regulatory authority for ICT and digital services, with objects including regulation, coordination, promotion, standards, licensing, certification, interoperability, digital innovation, and public-sector ICT personnel management.

Mandatory licensing of ICT business activity

Section 35 (the bombshell that has sparked so much controversy). It says no person may engage in business or a related activity in the ICT sector unless granted a licence. It expressly includes installation of ICT infrastructure, development or provision of ICT products and services, and activities requiring licensing or certification. Doing any of these without a license could get one jailed, or at best fined.

Who is to be licensed?

Section 36 lists categories such as public/commercial ICT infrastructure, cloud hosting, SaaS providers, government digital services partnerships, national digital platform operators, data centre operators, and any other category the Authority later determines.

Citizen-only ownership qualification

Section 37 says a licence applicant must be an adult Ghanaian citizen, or a company/partnership/association/body “wholly owned by a citizen.” Essentially, it would now be illegal to engage remote experts to work on a system deployed in Ghana. Essentially, half the whiz kids in Silicon Valley would have been ineligible to build their genius gizmos had America had a law like this.

Certification of ICT professionals

Section 46 says a person shall not be appointed as an ICT professional in a public or private institution unless certified by the Authority, and that NITA shall determine the criteria and procedure. (Funnily, this contradicts the definitions section where “certified professional” is confined to the public sector.)

Closure, seizure, suspension and enforcement powers

NITA could close premises or facilities, seize ICT products/equipment, suspend business, revoke licences, and impose administrative penalties in specified circumstances.

M&A and business-structure control

Section 49 appears to require NITA approval before sale, transfer, merger, amalgamation, or alteration of the nature of an ICT service provider’s business.

There are also some less controversial proposals about setting up a special purpose national e-government vehicle, promoting transparency and interoperability, and preventing vendor lock-in.

Let’s focus, however, on the areas of the Bill that have rankled so many ICT professionals and would clearly not have seen the light of the day if the Ministry bosses had done any serious sounding beyond their clique.

2. What do they mean by “ICT professional” anyway?

“IT/ICT professional” is not like “nurse,” “electrician,” “lawyer,” “chartered accountant,” or “professional engineer.” Those occupations usually have a more defined body of practice, recognised training path, public-risk rationale, and a reserved act or protected title.

“ICT” and “IT” are very loose umbrella terms. International occupational systems do not treat ICT as one unified profession. The International Standard Classification of Occupations classifies jobs by skill level and specialisation, not by one vague “IT professional” identity.

Eurostat and O*NET both list many distinct computer and mathematical occupations within that bracket: software developers, network architects, cybersecurity analysts, database administrators, web developers, data scientists, support specialists, QA testers, IT project managers, and many more.

Is the government of Ghana going to insist on licensing every single person in Ghana who builds a website, uses Microsoft Power BI to create some charts for a company, or deploys mermaid to craft some flyers for an event organiser?

The whole idea is totally ridiculous.

A more sensible approach would be to pry open the ICT chest open and only target the most critical functions. Example:

Critical Public Digital Infrastructure management (with a clear and rigorous process properly defined as to how any system gets to be elevated to that status to begin with);
Financial services cybersecurity auditing;
Tier II & III datacenter operations;
Public hospital digital health network administration;
Public ERP procurement readiness certtification.
The bill could then have said that for those functions, licensed professionals are required. The licensing regime would then have been constructed in an industry-led fashion much like we have in leading accounting jurisdictions. Frankly, the civil service is the last place to situate licensing for a dynamic sector like ICT.

More importantly, under no circumstances should any government aspire to poke its long nose into stuff like “writing code,” “installing a router,” “maintaining a school website,” “handling some graphic design,” “being a product manager at a food delivery company,” “using AI to generate a UI for a service,” or “working in an IT department of a small law firm.” The risks are not national-scale and employers should be left to manage their own personnel validation.

3. Ghanaian laws already provide some protection

A standard feature of Katanomics is to pile laws upon laws without much effort being spent on reviewing how the current laws are performing, why gaps, if any, have formed, and what the lessons really teach.

The Cybersecurity Act creates a targeted licensing/accreditation regime for cybersecurity service providers, establishments, professionals and practitioners. That makes sense because cybersecurity services can create high systemic risk, and the Act contains a specific institutional mandate around cyber protection. If that has not stopped fraud in banks and telcos, there is a need to enhance our understanding and respond accordingly.

The Data Protection Act regulates controllers and processors of personal data, requires registration, imposes security obligations, requires written processor arrangements, and provides breach-notification duties. If the Data Protection Commission is only taken fees and isn’t really measuring up, the right approach is to fix it.

The Engineering Council could decide to create top-tier categories for “software engineering,” as well as hardware and electronic engineering if it aims to elevate the field. It already has the pedigree and legal infrastructure to proceed if it deems the time right.

4. But don’t other countries already do this?

Well, some have tried but the lessons are worth taking.

Nigeria, for instance. The Computer Professionals Registration Council of Nigeria was created under a 1993 law and has a broad mandate over persons and organisations providing computing professional services.

The arrangement in Nigeria has gone nowhere. The country still has a huge informal and startup-driven tech sector. In practice, broad computing-profession regulation tends to become procurement gatekeeping, dues, professional conferences, anti-“quackery” rhetoric, and credential signalling. It has generated nothing of clear value to the sector.

Canada shows a narrower and more legally coherent model. Engineering regulators restrict titles such as “software engineer,” “computer engineer,” and “firmware engineer” where those titles imply professional engineering. But even there, regulators recognise that not all software development is software engineering. The Canadian fights over “software engineer” titles show how hard it is to map old professional-engineering concepts onto modern tech labour markets.

The United States tried a software-engineering professional-engineer exam pathway. The software engineering PE exam was first offered in 2013 and discontinued after 2019 because candidate numbers were too low.

Almost everywhere else, the approach has been to rely more on voluntary professional bodies, chartered status, competence frameworks, sector standards, procurement rules, data protection, cyber regulation, product regulation, and critical-infrastructure obligations. In many of these contexts and jurisdictions, industry associations take the lead.

5. It can get absurd pretty quickly

Meanwhile, AI has thrown a wrench into the whole wheel of what “IT work” even means today. m

In the pre-AI world, one might imagine a recognisable “software developer” writing code manually. In the AI world, a founder describes an app to a model, a non-technical employee uses AI to build an internal workflow, a designer generates front-end code, a business analyst deploys automations, and a cloud platform assembles infrastructure through templates. Who is the “ICT professional” here? The geography graduate with a few hours on reddit and stackoverflow under her belt typing out prompts? The AI tool vendor? The person who clicks deploy? The person who reviews the code? The company using the system?

A licensing regime based on “professional identity” will clash with AI-generated work because AI diffuses technical production across the entire economy. The more powerful AI gets, the less realistic it becomes to require every producer of digital functionality to hold a state-issued ICT license. Once again, if the Ministry had engaged beyond their small clique, everyone would have told them.

6. Hardware, networking and informality

On the physical device and network level, the absurdity start to get out of hand.

Ghana’s ICT economy is not made up of just software startups. It includes laptop repairers, phone technicians, CCTV installers, router vendors, fibre/cabling contractors, school computer-lab maintainers, POS support agents, small network installers, market traders selling peripherals, informal refurbished-device dealers, cybercafé operators, church/media livestream technicians, and thousands of small businesses that keep digital life functioning. All these people are using ICT and making a living in the ICT-enabled economy.

If enforced aggressively, the scheme could:

raise the cost of basic repairs and installations;
push informal technicians further underground;
create opportunities for inspectors and middlemen to extract bribes;
make small businesses operate through “certified” fronts;
reduce access to affordable hardware support in rural and low-income areas;
increase e-waste if repair markets are chilled;
make public-sector maintenance more expensive by reducing the pool of eligible providers.
It is a whole mess, and must be reined in before it transmutes from panic to catastrophe.

7. And the MESS doesn’t end there

The citizen-only ownership clause is potentially devastating. A Ghanaian startup with foreign VC, non-citizen co-founders, regional holding structures, offshore investors, or employee stock held by non-citizens may struggle if licensed ICT activity requires wholly citizen ownership. This may be more economically explosive than the “IT professionals” headline.

NITA, the Cyber Security Authority, Data Protection Commission, National Communications Authority, Bank of Ghana, Ghana Standards Authority, Public Procurement Authority, GIPC, Engineering Council, and sector regulators may all touch the same digital product. A fintech, for example, could face payment regulation, data protection registration, cybersecurity obligations, NITA licensing, cloud/data-centre requirements, and public procurement rules. The cost of doing business is already too high. Don’t make it worse!

The Bill includes criminal offences, administrative penalties, licence suspension, business prohibition, closure, seizure, and penalties for negligent cybersecurity breaches or false certification claims. Some of that is justified for critical misconduct, but excessive criminalisation can chill innovation and incident reporting.

Now imagine:

A small NGO building a data-collection app could be treated as developing/providing an ICT product.

A small periurban school near Techiman appointing a self-taught but competent ICT teacher or network administrator could run into the Section 46 certification requirement if “ICT professional” is read broadly.

A startup adding cloud hosting, AI features, or platform functionality might need to ask whether it has changed the “nature” of its ICT business and needs approval.

A Ghanaian founder could be treated less favourably after raising foreign investment than before raising it.

An AI-assisted non-programmer could produce useful code, while a formally certified but incompetent person is legally privileged.

Even worse:

The merger/alteration approval clause is dangerous because it turns ordinary corporate switches into a whole regulatory fanfare. Startup pivots, acquisitions, restructurings and investment rounds depend on speed and certainty.

More licensing layers are likely to lead to slower product launches, especially in already tough fields like fintech. Think also about the higher legal costs, and more uncertainty for firms already dealing with Bank of Ghana, data protection, cybersecurity and AML obligations.

Paradoxically, overregulation can weaken cybersecurity. Small operators may avoid registration, breach reporting, or formal contracts because contact with the regulator feels dangerous.

Conversely, employers may over-apply the law and require NITA certification for analysts, IT support, product managers, data officers, website administrators, and junior developers, even where the legal risk is unclear.

Moreover, Ghana participates in regional and continental liberalisation frameworks, including ECOWAS free movement/establishment principles and AfCFTA services liberalisation. A broad citizen-only ICT licensing scheme may create avoidable trade and investment friction, even if Ghana retains policy space to regulate for legitimate objectives.

It is true that the Bill creates an appeals tribunal, but the tribunal is appointed through ministerial processes and funded through the NITA’s funds. Appeals to the Court of Appeal, on the other hand, are limited to points of law. That may be insufficient for a regime with such heavy commercial consequences.

9. A better law might look something like this

The Bill should be rewritten around regulated activities, not “IT professionals.”

The following quick fixes would be a good start:

• Replace the broad Section 35 ban with a schedule of licensable high-risk ICT activities: public & sensitive commercial digital infrastructure, critical data centres, public cloud for government/critical sectors, critical SaaS for public services, cybersecurity-sensitive operations, and national platform operators.
• Rewrite Section 46 so certification applies only to defined risk roles: public-sector chief information/security officers, critical infrastructure administrators, certified ICT auditors, digital identity administrators, public procurement sign-off professionals, and cybersecurity-sensitive roles. For everyone else, use voluntary certification or title protection.
• Add exemptions for employees doing internal work, students, hobbyists, open-source contributors, micro repairers, ordinary retail sales, internal IT departments, low-risk website/app development, and small businesses below clear thresholds.
• Remove or radically narrow the citizen-only ownership rule. Use public-procurement preferences, local-capacity requirements, security vetting for sensitive contracts, and Ghanaian participation incentives instead of a blanket nationality-based ownership restriction.
• Limit transaction approvals to changes of control of high-risk licensees. Do not require approval for ordinary pivots, product changes, share issuances, acquisitions outside sensitive categories, or internal restructuring.
• Create a lead-regulator rule. If the CSA, DPC, NCA, Bank of Ghana or another regulator already licenses the core risk, NITA should coordinate through memoranda and joint standards, rather than duplicating permissions.
• Hardwire the due process in. The Bill should require that there should be published criteria, fee caps, timelines, deemed approvals where appropriate, written reasons, appeal stays except in emergencies, warrant requirements for seizure except imminent-risk cases, and compensation for wrongful closure.
• Build an AI-specific assurance layer. Require secure development practices, AI-use documentation, human review for high-risk systems, logging, testing, model/data governance, incident reporting and audit trails. Avoid creating an “outmoded at birth” bill because of a failure to take AI into account.
• Be sensitive to the informal economy. Ensure long transition periods, recognition of prior learning, apprenticeship routes, low-cost micro-certification, mobile registration, district-level support, and no criminal enforcement for low-risk actors during transition.
• Require a regulatory impact assessment before commencement. The government should publish expected costs, affected occupations, SME effects, competition analysis, trade implications, institutional overlaps, enforcement budget, and anti-corruption safeguards.
• Conclusion: the Ministry is off the bar but they can have another go
• A careful NITA law could be one of Ghana’s most anti-katanomic and groundbreaking digital economy reforms. Especially if it focuses on fixing wasteful, opaque, and pooly thought through public ICT procurement.

But a careless version could become a massive burden on the heads of a struggling, still nascent, technology sector. The draft bill tilts more to the latter than the former.

The MOC should get off its high horse while there is still time, abandon the bill in its current form, return to the drawing board, and come back with something more aligned with modern realities.

---

Bright Simons is a Ghanaian technologist, social innovator, entrepreneur, writer, social and political commentator. He is the vice-president, in charge of research at IMANI Centre for Policy and Education. He is also the founder and president of mPedigree.

Accra is building upwards at an extraordinary pace. Sleek apartment towers with ambitious names—A-Heights, B-Towers, C-Residences—are sprouting across the capital’s most affluent neighbourhoods, from Cantonments and Labone to East Legon and Ridge. Many come with gyms, pools, rooftop lounges, and concierge desks. Yet drive past these gleaming structures after sunset, and a strange silence hangs over them. The number of lit windows on most evenings could be counted on one hand.

This paradox, luxury apartments multiplying while remaining largely empty, their prices defying the basic economic logic that excess supply should drive costs down, is at the heart of a provocative social media essay by Kofi Hamilton Amekudzi. In a Facebook post that has generated hundreds of reactions and dozens of detailed comments, Amekudzi asks a question that has quietly troubled many Accra residents: who is buying these homes, and why do so many appear to be used as little more than “vaults with balconies”? Read the full article below.

---

ACCRA, A CITY WHERE VAULTS HAVE BALCONIES
Drive through Accra these days, and you will see apartments shooting up like missiles. They rise. They glitter. They acquire ambitious names such as A-Heights, B-Towers, C-Residences, D-Pinnacle, E-Apex, F-Summit, etc. It appears the developers are running out of synonyms for the word “high”.

In Cantonments, Labone, Airport Residential. East Legon, Osu, Nyaniba, Ridge, and beyond, familiar bungalows are giving way to vertical structures determined to redefine Accra’s skyline. The developers will tell you that the land on which stood a single bangalow must be maximised.

Most of these apartments include gyms, swimming pools, rooftop lounges, concierge desks, and many other admirable amenities, included to enhance their appeal. I would not be wrong to say the building of apartments has become a competition in Accra. And yet, for all the furious construction, a strange silence hangs over these buildings after sunset. Drive past at 8pm and count the number of lit windows. You will surely not need the fingers on both hands.

Therein lies the puzzle that is not easy to explain. The apartments are everywhere but are largely empty, and yet their prices continue to ascend like a BA jet leaving Accra International Airport. Ask any first year economics student what happens when supply outstrips demand? Clearly, the Accra apartment story defies the principles contained in Economics text books.
So, who is buying an apartment that would most likely be empty for most of the year?
The rumour mill, never shy in Ghana, has produced its answer. Many of the apartments are being used to “wash” money. For the avoidance of doubt, “washing” money does not make dirty money cleaner. Omo and Key soap have no role to play in this kind of “washing.”

It simply means tucking “suspect funds” away from the prying eyes of the formal banking system and converting them into brick and mortar. This, the rumour mill insists, is the reason why the prices do not respond to the gravitational pull to drop. “Suspect money” is increasing and hence the demands are high.

An individual who has invested unspeakable sums into a three – bedroom unit in Cantonments is in no particular hurry to sell. The apartment is not a home. It is a vault. Yes, a vault with a balcony view. There are also Ghanaians in the diaspora (and also in Ghana) who have found the interest rates whispered by the banks to be unattractive. They find the interest on treasury bills and fixed deposits to be inadequate. They are also aware of the historic adventurous relationship between the Cedi and the Dollar. After careful thought, they prefer to keep their hard-earned resources in brick and mortar.

This brings us to a question no one is asking. Does this rush to invest in apartments suggest a falling trust in our banking system? Is it possible that the banks would have been the main beneficiaries of these resources going towards real estate entities if the citizens trusted the banks?

The sad part of this story is that the increase in apartments is not reducing the housing deficit in Ghana primarily because many Ghanaians cannot afford these apartments.
A young teacher in Madina who pays rent cannot afford these apartments. A nurse in Korle – Bu searching for a one-bedroom cannot afford the $120K the developers are asking for a studio apartment. These apartments were never built for such people. The price tags start where their dreams end.

And so Accra’s Towers would continue to multiply. Gleaming, expensive, half-lit, half-occupied, and yet, only half-explained. They will remain monuments of wealth we cannot fully explain, and this whispers to us that “unexplained wealth” is still very prevalent in Accra.

One day, maybe an audit will reveal the names of all the owners of the apartments in Accra. The earth may shake that day. The owners of the dark rooms will be revealed in the light.
Until then, Accra will continue to be Accra. The apartments will continue to rise. The more they rise, the more they will be empty. The more they are empty, the higher their price tag ascends. The more you think about this logic, the more you will struggle to make sense of it.

In a nutshell, Accra reminds us that vaults have balconies, and theories from economics textbooks do not make sense on the streets. Good day.

Unlike previous major Ebola outbreaks, this rare strain has no approved therapeutics or vaccines.

Health authorities have confirmed that the current Ebola outbreak in the Democratic Republic of the Congo and Uganda is caused by the Bundibugyo virus disease (BVD) , a rare type of Ebola disease that has no approved therapeutics or vaccines.

Here is what makes this outbreak different, based solely on information from the World Health Organization and the Africa Centers for Disease Control and Prevention.

1. A Rare Strain

Although more than 20 Ebola outbreaks have taken place in the DRC and Uganda, this is only the third time BVD has been reported. The rarity of this strain means that the medical countermeasures developed for more common Ebola strains, such as vaccines and antiviral treatments, do not exist for BVD.

2. No Approved Medical Countermeasures

According to the WHO, BVD has no approved therapeutics or vaccines. This stands in contrast to other Ebola outbreaks in recent years, where ring vaccination and experimental treatments were deployed. Without these tools, health authorities must rely entirely on non-medical interventions.

3. Reliance on Basic Outbreak Control

The Africa Centres for Disease Control and Prevention has stated that the virus spreads through direct contact with the bodily fluids of infected people, contaminated materials, or those who have died from the disease. In the absence of vaccines and drugs, the WHO has advised:

• Immediate isolation of confirmed cases
• Restricted national travel for those exposed
• No international travel until 21 days after exposure
• Cross-border screening and screening at main internal roads

After having consulted the #DRC and #Uganda where the #Ebola disease caused by Bundibugyo virus is known to be currently occurring, I determine that the epidemic constitutes a public health emergency of international concern (PHEIC), as defined in the provisions of IHR.

My full… pic.twitter.com/zhYVEyxSI8

— Tedros Adhanom Ghebreyesus (@DrTedros) May 17, 2026

4. Risk of a Larger Outbreak

The WHO has said the outbreak could be much larger than currently reported, citing the high positivity rate of the initial samples and the increasing number of suspected cases being reported. As of Saturday, the Africa CDC reported 336 suspected cases and 87 deaths. The DRC accounts for all except two of those cases, both reported in neighboring Uganda.

Unlinked Ebola Cases in Kampala Trigger Global Emergency

5. What Countries Should Not Do

The WHO explicitly urged countries not to close their borders or restrict travel and trade. It warned that border closures could lead to people and goods making unmonitored border crossings, which would make the outbreak harder to track and contain.

Bottom line: The Bundibugyo virus disease outbreak is different because it involves a rare Ebola strain for which no vaccines or therapeutics exist. The response depends entirely on isolation, contact tracing, travel restrictions, and screening — without the medical tools that helped stop previous Ebola epidemics.