Ghana stands at a critical juncture where protecting citizens from cybercrime must be weighed against preserving constitutional freedoms, as Parliament prepares for what could become one of its most contentious legislative battles over the Cybersecurity Amendment Bill 2025.
The proposed legislation has ignited fierce opposition from lawmakers, civil society groups, and former government officials who warn the amendments could criminalize online expression while transforming cybersecurity infrastructure into surveillance machinery. Opposition Member of Parliament Kojo Oppong Nkrumah declared Monday that the Minority caucus will employ every legal avenue to block the bill in its current form, describing it as dangerous legislation that threatens free speech under the guise of digital protection.
Former Health Minister Dr Bernard Okoe Boye has emerged as a prominent voice against restrictive provisions, warning that governments must design laws assuming they will one day be in opposition. Speaking on Metro TV’s Good Morning Ghana, he cautioned authorities against creating systems that future leaders could exploit harshly.
The bill’s supporters point to alarming statistics that justify stronger enforcement. Ghana lost GH₵19 million to cyber fraud in the first half of 2025 alone, with incidents jumping from 1,317 cases in 2024 to 2,008 cases during the same period. The Ministry of Communications and Digitalisation maintains the amendments protect citizens from online fraud, cyberbullying, and digital exploitation while keeping pace with global cybersecurity standards.
Yet critics identify several provisions they consider constitutionally problematic. Section 20B would grant Cyber Security Authority officers full police powers including arrest, search and seizure capabilities, along with legal immunities typically reserved for law enforcement. The Institute for Liberty and Policy Innovation argues this converts a technical regulator into a coercive enforcement agency operating outside established judicial oversight.
Civil society organizations have raised concerns about Section 4A, which empowers the Authority to establish standards for certifying emerging technologies including artificial intelligence, blockchain, and quantum computing. Digital rights advocates warn this creates potential for bureaucratic gatekeeping where startups cannot deploy products without government approval, potentially stifling innovation in Ghana’s technology sector.
The proposed thirty percent revenue levy on cybersecurity practitioners has drawn particular criticism from technology professionals who warn it could make business operations impossible for small and medium firms already struggling with high compliance costs. Industry experts argue the provision drains financial resources regardless of profitability, disincentivizing innovation and competitiveness.
Historical context matters significantly in this debate. Ghana repealed its Criminal and Seditious Libel Laws under former President John Kufuor and later passed the Right to Information Act under President Nana Addo Dankwa Akufo Addo, both aimed at strengthening freedom of expression. Civil society groups now argue the cybersecurity amendments would effectively reintroduce speech criminalization through the back door, undermining decades of progress toward open democratic discourse.
Dr Okoe Boye emphasized that democracy demands tolerance for criticism, even when uncomfortable or recklessly expressed. He stressed that legal consequences for defamation should remain civil rather than criminal, pointing to recent cases involving young women detained for online speech as proof of dangers inherent in criminalizing expression.
The bill arrives at a sensitive moment internationally. Ghana signed the UN Convention against Cybercrime on October 25, positioning itself among the first cohort of African states aligning with global cybersecurity standards. Yet domestically, the country faces accusations that its proposed amendments prioritize state control over citizen protection, creating an awkward contradiction between international cooperation and domestic civil liberties concerns.
Singapore’s cybersecurity framework offers one model for comparison. That nation combines internet accessibility with state imposed digital controls, categorized as partly free by Freedom House with a score of 53 out of 100. Singapore established data protection laws while strengthening cybersecurity through licensing frameworks that require judicial authorization before surveillance activities, providing transparency through annual public reports.
The Institute for Liberty and Policy Innovation has proposed alternative reforms for Ghana’s bill that would maintain security objectives while protecting constitutional rights. Their recommendations include requiring judicial warrants for all data access and surveillance, establishing independent oversight committees to audit Cyber Security Authority operations, and replacing the thirty percent revenue levy with transparent annual licensing fees reflecting actual administrative costs.
Parliament’s Communications Committee currently reviews the bill with public consultations expected to continue in coming weeks. The Cyber Security Authority released the draft October 1 with a consultation deadline of October 24, though public debate has intensified rather than subsided since that deadline passed.
The controversy reflects a broader challenge facing democracies worldwide as they navigate tensions between digital security and civil liberties. Nations must determine how to protect citizens from genuine cyber threats without creating enforcement mechanisms that could be weaponized against dissent.
Dr Okoe Boye captured this dilemma succinctly when he warned that anything capable of being abused should be stopped early. His argument resonates with civil society organizations concerned that concentrated power without oversight inevitably leads to overreach, regardless of initial intentions.
As Ghana approaches this legislative crossroads, the outcome will signal whether the nation can craft cybersecurity policy that addresses twenty first century threats while preserving the constitutional freedoms that have defined its democratic success. The challenge lies not in choosing between security and liberty, but in designing frameworks that advance both objectives simultaneously.
