Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Govt clamps down on web service providers after data breach

Govt clamps down on web service providers after data breach

By Pattrick Smellie

Aug. 26 (BusinessDesk) - A swathe of government departments have been ordered not to use web and information communications technology service providers not on an approved list following disclosure of a major data privacy breach over the weekend.

The Treasury, which suffered an embarrassing data breach prior to the Budget, is among those required to use only those providers who appear on an approved 'all-of-government ICT common capabilities procurement list', Prime Minister Jacinda Ardern announced at her post-Cabinet press conference.

The move follows the inadvertent publication online of key personal detail, including birth certificates, driver's licences, and passport numbers of 302 people who applied to be part of the Tuia 250 Voyage trainee scheme - an initiative linked to commemorating the arrival of Captain James Cook in New Zealand waters in 1769.

With immediate effect, all government departments deemed to have "small" ICT capabilities will be bound by the new requirement to use only approved providers, where previously the list's use was voluntary.

Some surprisingly significant agencies are covered by that definition. Along with the Treasury, the Department of Prime Minister and Cabinet, the State Services Commission, Ministry of Defence, Ministry of Transport, Ministry of Housing and Urban Development and the Crown Law Office were singled out by Ardern as being covered by the order.

Also on the list are the Ministries of Women's Affairs and Pacific Peoples, the Education Review Office and the recently formed Te Arawhiti, which is tasked with managing relations between the Crown and Maori.

"They must review planned and future ICT projects, implement common capability security and privacy-related government chief digital officer guidance," said Ardern. "They must follow the government chief information officer's information security standards and policies and they must obtain the government chief information officer's certification that they are compliant with these requirements."

The move is a clear sign of the Cabinet's frustration with sloppy data management by government agencies and its capacity to damage public confidence in the Crown's ability to maintain citizens' data privacy - a core requirement in the social contract between a government and its people.

Ardern said the unnamed firm that established Tuia 250 website was not on the all-of-government procurement list.

"My understanding is that list has not been mandatory but as I've set out, as an interim step while we work through what we need to do to prevent this ever happening again, we will now be requiring those small agencies to procure from that list over the near future as we work to secure all New Zealanders' data and restore confidence in the systems and the agencies who are providing the services to the NZ public," Ardern said.

(BusinessDesk)

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Marsden Pipeline Rupture: Report Calls For Supply Improvements, Backs Digger Blame

The report makes several recommendations on how the sector can better prevent, prepare for, respond to, and recover from an incident. In particular, we consider it essential that government and industry work together to put in place and regularly practise sector-wide response plans, to improve the response to any future incident… More>>

ALSO:

Oil Scare: Trump Authorises Use Of Emergency Crude Stockpile

The New Zealand dollar fell against the US dollar after President Donald Trump authorised the use of the country's emergency crude stockpile after the weekend attack on Saudi Arabia’s major oil facilities. More>>

ALSO:

Pre-Post-Brexit Deal Talks: UK Trade Minister Visits Wellington

New Zealand should get a better deal for exports of sheepmeat, beef and dairy products into the United Kingdom after Brexit, the British Minister of State for Trade, Liz Truss, said in Wellington today. More>>

ALSO:

Not-Very Well: Tamarind Halts Tui Drilling; OMV Assesses Options

Tamarind Resources has halted drilling at its Tui oil field off the Taranaki coast after the first of the three planned wells came up dry. Managing director Ian Angell says that despite the “unexpected” result from the first well, the firm believes the other two prospects are worth pursuing. More>>

ALSO:

Seeking 'Clarity': Crown To Appeal Southern Response Decision, Offers Costs

“It is our intention that the clarity that will come from the outcome of these proceedings will enable the Crown to work with Southern Response to provide a soundly based proactive solution to those people that are affected.” More>>