By: John Sitsofe Mensah
The architecture of a nation’s digital economy
relies entirely on the integrity of its regulatory frameworks. When the rules
governing technological innovation are clear, predictable, and legally sound,
Digital Public Infrastructure (DPI) thrives, and digital trust is established.
However, when regulatory bodies bypass foundational legislation in favor of
administrative bootstrapping, the entire ecosystem is placed at risk.
The recent push by the National Information
Technology Agency (NITA) to mandate licenses for individual ICT professionals
and general private tech businesses presents a textbook case of regulatory
overreach. By leaning on the Fees and Charges (Miscellaneous Provisions) Act,
2022, and its subsequent 2023 Regulations to justify this sweep, NITA is
attempting to extract a substantive regulatory mandate out of a consolidated
financial instrument.
A rigorous analysis of the underlying issues,
laws, and frameworks surrounding this development reveals structural legal
contradictions, a glaring historical legislative void, and a reactive
regulatory posture that threatens to stifle local innovation and erode the very
digital trust the agency was established to protect.
The Foundational Blueprint: Strict Statutory
Boundaries
To understand the current friction, one must
examine the original 2008 regulatory architecture. NITA was established by the
National Information Technology Agency Act, 2008 (Act 771), with a companion
framework provided by the Electronic Transactions Act, 2008 (Act 772). These
laws were designed with a specific, corporate-focused regulatory intent: -
Infrastructure over Individuals: NITA was tasked with regulating the
"provision" of ICT, managing networks, and ensuring quality of
service at the enterprise level. - Strict Licensing Limitations: Act 772
explicitly limits NITA’s certification powers to highly sensitive corporate
services, specifically encryption and authentication. - The Individual
Prohibition: Most crucially, Section 38(1) of Act 772 contains an unambiguous,
specific prohibition: "A licence shall not be issued or granted by the
Agency to an individual." Under the 2008 framework, a data analyst or
software developer simply utilizing ICT infrastructure to practice their trade
operates entirely outside NITA’s licensing purview.
The Legislative Void and the Pivot to
"Regulation by Invoicing"
To operationalize a primary Act—especially one
establishing a "Certifying Agency" with highly technical mandates—a
detailed Legislative Instrument (LI) is legally required. Despite multiple
drafts circulating over the years, no comprehensive, sector-specific LIs were
ever formally enacted to operationalize NITA’s broad statutory mandates under
the 2008 Acts.
Without an operational LI, NITA found itself
holding broad enabling legislation but completely lacking the subsidiary legal
tools required to actually execute its mandate. This legislative vacuum
directly explains the agency's current reliance on the Fees and Charges
(Miscellaneous Provisions) Act, 2022.
By sliding pricing schedules for "IT
Professional Licenses" and broad business certifications into a general
financial instrument, the agency engaged in administrative bootstrapping—hoping
the authorization to collect a fee would be interpreted as the legal mandate to
establish the regulatory regime itself.
This approach is legally flawed: - The Fallacy
of Revenue as Regulation: The Fees and Charges Act is a consolidated national
pricing catalog. Passing a financial schedule that sets a price tag for a
"Software Developer Certification" does not magically grant the
agency the substantive legal authority to create or enforce that professional
guild. Pricing does not equal permission.
- Hierarchy of Laws: A fundamental rule of
statutory interpretation dictates that general laws cannot implicitly repeal
specific laws. A line item buried in a general fees schedule cannot override
the explicit prohibition against individual licensing found in Section 38(1) of
Act 772.
The Fallacy of the IT Guild: Why State
Gatekeeping is Needless
While legislative integrity demands that any
move to regulate human capital must occur through rigorous primary legislation,
we must ask a more fundamental question: Should the state be licensing IT
professionals at all? Attempting to shoehorn the tech sector into a
traditional, state-mandated professional guild is a profound misunderstanding
of how the global digital economy operates. Creating a mandatory IT guild is
entirely needless for two core reasons:
- Global Standards Already Exist: The IT
sector is inherently borderless and already governed by rigorous, globally
recognized standards. International certification systems—ranging from
vendor-neutral accreditations like CISSP, CompTIA, and ISACA to vendor-specific
credentials from AWS, Cisco, and Microsoft—are continuously updated to reflect
the bleeding edge of technology. A localized, state-run certification system
cannot hope to outpace or out-rigor these global benchmarks. Rather than
mandating a redundant local license, policy should encourage and perhaps
subsidize the acquisition of these internationally recognized credentials.
- The Meritocracy of Self-Taught Knowledge:
Unlike medicine or law, the tech ecosystem thrives on decentralized learning
and the open-source movement. A developer's competence is proven by their code
repositories, their problem-solving logic, and their deployment history, not by
a state-issued piece of paper. The sector is famously meritocratic, heavily
relying on brilliant, self-taught innovators. Erecting a mandatory guild system
risks disenfranchising these self-taught experts, creating artificial barriers
to entry that will ultimately starve the local industry of talent.
The Path Forward: Fostering Enablement Over
Gatekeeping
In 1865, as the first motorized vehicles
emerged, the British Parliament panicked. To maintain control over a disruptive
new technology, they passed the Locomotive Act—famously known as the "Red
Flag Act." It required every motorized vehicle to be preceded by a man
walking on foot, waving a red flag to warn pedestrians. While intended to
create order, the law effectively strangled the British automobile industry in
its crib, allowing nations with more enabling frameworks to leapfrog them.
Today, attempting to force the modern,
decentralized IT sector into a localized, state-mandated licensing guild is the
digital equivalent of the Red Flag Act. It imposes analog constraints on a
purely digital frontier.
Furthermore, in structural engineering, there
is an unforgiving truth: you cannot build a skyscraper on a foundation poured
for a bungalow. You can add as many floors as you like, and you can paint the
facade to look modern, but eventually, the structural reality will assert
itself, and the edifice will collapse. The exact same principle applies to
regulatory frameworks. A regulatory regime built on the fragile foundation of a
pricing catalog will inevitably fracture under the weight of actual enforcement
and legal scrutiny.
To foster innovation and build enduring
digital trust, Ghana does not need to mandate professional guilds via invoices.
We require: Regulatory Clarity: Agencies must operate strictly within the
bounds of their enabling Acts.
- Incentivizing Global Competence: The state
should encourage the use of rigorous, existing international certifications to
raise the national skill floor, rather than forcing practitioners into a
localized licensing trap.
- Transparent Recourse Mechanisms: The
industry needs mandatory performance metrics and operational data publication
from regulators to ensure accountability and prevent administrative overreach.
If Ghana is to build a secure, effective, and globally competitive digital
economy, its regulatory foundation must be grounded in robust law and an
architecture of enablement, not merely in a schedule of fees.
John Sitsofe Mensah is a Technology Policy
Analyst with IMANI.
