Gordon Campbell | Parliament TV | Parliament Today | Video | Questions Of the Day | Search

 


Dalziel: Privacy Issues Forum

27 August 2008 Speech Notes

Privacy Issues Forum

Associate Justice Minister Lianne Dalziel's speech to officially open the Privacy Issues Forum
Intercontinental Hotel,
Grey Street, Wellington
9.00am

Privacy Commissioner, Marie Shroff, thank you for inviting me to open today's forum. May also acknowledge Sir Geoffrey Palmer, head of the Law Commission, and Professor John Burrows, the law professor I studied under at Canterbury University.

I looked back over my speech notes from the last time I opened a privacy issues forum, which was in 2003. There are things that have changed in the five years since I gave that address – Marie Shroff has taken over from Bruce Slane as Privacy Commissioner. There is a substantial review of privacy being undertaken by the Law Commission, whereas when I last spoke on the subject, the Law Commission was analysing the results of submissions it had received in response to a somewhat less detailed discussion paper that had been issued the year before and, of course, Sir Geoffrey has replaced Justice Robertson as the head of the Law Commission.

The opening address that day was given by Justice Michael Kirby, which I recall being particularly thought-provoking, touching as it did on the massive data-banks held by airlines and justifying the degree of scrutiny officials place on passenger lists by our respective countries' decision not to require everyone to carry an identity card.

The point in common between the two forums is that I remain committed to introducing the Privacy (Cross-border Information) Amendment Bill. The only difference this time is that I have actually introduced a Bill, whereas in 2003 it was an aspiration. It is set down for a first reading and has the agreement of support parties for referral to a select committee. The Bill addresses two deficits in the Privacy Act, which does not currently allow foreign nationals resident overseas to make information privacy requests, and does nothing to prevent data received from overseas being transferred outside New Zealand to a jurisdiction without adequate privacy protection.

The 2003 Forum had many eminent speakers as does today's forum. All of the speakers today have made sizable contributions to the various debates on privacy issues, so I anticipate that the discussion will be both thought-provoking and lively. I am including my sister Kathryn in this description because she is highly regarded in the privacy field, but also to ensure that she doesn't get the chance to imply that I am her mother, which I am told is what she does when I am not present.

My interest in privacy legislation dates back to the passage of the Privacy Act 1993, when as a member of the Justice & Law Reform Select Committee, I gained an important insight into not only the range of academic views on the subject, but also the range of public opinion that continues to exist today. The history of New Zealand's legislation lies in part in the desire to be consistent with the OECD Guidelines, but we should not forget - the broader concept of privacy dates back to the Universal Declaration of Human Rights. And as a human right, it has never been more important than it is today with technology making personal information more accessible. It was no accident that a Bill that began its passage through Parliament as the Privacy of Information Bill became the Privacy Act.

The theme of the Forum this year is "Privacy is your business" which has two meanings.

First of all, privacy matters to individuals. We are now at the point where the collection, use, storage, and disclosure of personal information can occur unnoticed, across borders, and at phenomenal speeds. Privacy is in that sense, very much, your business.
Second, privacy matters to business. Major advances in technology have changed the way in which personal data is collected, stored, and used. The challenge for business is to ensure the benefits obtained through the use of new technology do not compromise individuals' expectations about the security of and use of their personal information. It isn't a case of one or the other. Business efficiency and information management processes that respect individuals' privacy expectations go hand-in-hand.

A business that cannot assure its customers that their privacy will be respected will lose customers to competitors. Here, the degree of trust customers have in the businesses they deal with is paramount.

Let me use the example of the sign that appeared on the airline counters after the current law was first passed. It indicated that the airline would not give out information about passengers due to the Privacy Act 1993. My view was that the notice should have said: 'Because we value our passengers' right to privacy, we do not give out information about our passengers to anyone without their permission.' Advising customers that they had always followed this practice, even before the law change, would have been more honest as well.

I would like to talk more about this issue of trust, and its importance in maintaining an ongoing relationship between a business and its current (and potential) customers.

Before the information technology boom, collection and disclosure of personal information was far more limited. Most personal information was stored manually and it wasn't easy to copy or disseminate written information. A lot more personal information had to be obtained from individuals themselves and that's where trust came into play. Things have changed. The ability to print, photocopy, photograph, videotape, record, collect and analyse biometric information, and so on, means there is no longer a serious barrier to the collection or distribution of personal information. Nor does much of it have to be obtained from the individual concerned.
Increasing use of technology has reduced the personal association between the business collecting the personal information and the individual whose privacy is at stake. Individuals may be perceived, in a millisecond, as "information" in an email, on a disk, or on a webpage. Participants to a transaction may be on the other side of the world from each other. This relative weakening of social relationships weakens the interpersonal regulation of the transfer of personal information.

In an environment where masses of personal data can be disclosed to large numbers of people at the click of a mouse, trust has become more important than ever.

Individuals need to trust that the businesses they deal with will respect their personal information and protect their privacy. But this trust needs to be earned and re-earned. A business that breaches a customer's privacy may not get a second chance. There have been a number of recent examples of privacy breaches that are likely to lead directly to a loss of trust. There was the ticketing company which sent an e-mail to everyone on its mailing list without blocking the display of individual email addresses. And there was the university whose computer "glitch" enabled students to access other student's academic records. The same fault could affect any business that enables customers to access accounts online with disastrous effects on client confidence.

We can't go back to the days where personal information was disclosed only within trusting interpersonal relationships. Few would want to sacrifice the amazing developments in communications technologies to do so. What businesses need to continue to do is adapt.

One way in which businesses can do so is to develop proxies for trusting relationships "at a distance". As the Privacy Commissioner has said before, good privacy is good business. And businesses that are not trusted are not good long- term prospects.
Development of transparent privacy policies that comply with the Privacy Act and best practise will help businesses gain the level of trust needed to attract and retain customers. Secure websites and data storage, complaints procedures, monitoring, staff training, corporate responsibility, and accurate, up to date and honest information for consumers will enhance that trust. Businesses can help themselves by developing top-down privacy-conscious cultures.

The government has a role in enhancing trust too. The Privacy Commissioner's role in promoting privacy awareness is pivotal. With increasingly complex new technologies, New Zealanders need a legitimate source of information about risks to their personal privacy and how to respond to those risks. I applaud the Commissioner's proactive approach in this area and note in particular her focus on educating the young. We can learn from our technologically-savvy young people and I look forward to seeing the video of the winning entrant to the secondary schools video competition for Privacy Awareness Week.

These forums are also an important part of Privacy Awareness Week, because they give us the chance to dissect important issues that are not only a challenge in New Zealand but which challenge other jurisdictions as well.

I have noted that this afternoon's session will include discussion on information disclosures between agencies. This is a vital area of concern for the government. It is not yet entirely clear what people's understandings and expectations of inter-agency information sharing are. We all seem to know when information should have been shared, but that tragically is usually immediately after something has gone terribly wrong and it would appear with the benefit of hindsight that information held by one agency should have been shared with another.

I welcome the discussion this afternoon and encourage you all to think seriously about what is an incredibly important issue.

I conclude with a comment about trusting relationships "at a distance".
I said earlier that trusting interpersonal relationships are no longer the primary enabler of personal information transfer; technology is. Modern privacy law either ensures the individual retains some degree of control over the transfer or approximates a trusting interpersonal relationship – an honest broker as it were.

As technologies continue to evolve and individuals become more burdened by more complex privacy waivers, drivers to eliminate individuals from the information transfer equation will increase. This will mean the primary challenge for law reformers will be to design options such as privacy policies, privacy responsibility plans, privacy standards and technology design standards that can intervene to approximate trusting interpersonal relationships.

I hope you all enjoy an interesting and productive day at today's Privacy Issues Forum and on that note I declare the forum open.


ENDS

© Scoop Media

 
 
 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

Werewolf: John Pilger, And Making War On China

In July, the New Zealand Defence Force is scheduled to join the latest round of Talisman Sabre, a huge training exercise that Australia carries out biennially in conjunction with all four arms of the US military.

Last time around in 2015, New Zealand contributed 650 personnel, 45 vehicles and two of our $NZ771 million dollar fleet of NH90 helicopters to this regional war game.

What’s weird is that Talisman Sabre is actually a rehearsal for an assault on China and its ability to defend itself. More>>

ALSO:

 
 

Urban Planning Report: Momentum Grows To Replace The RMA

A major new report from the Productivity Commission lays the foundation for action on the growing political consensus that the Resource Management Act and associated laws are failing both cities and the natural environment and need a complete rewrite. More>>

ALSO:

Vaping: Quitline Supports Decision To Legalise Nicotine E-Cigarettes

Today Associate Minister of Health, Hon Nicky Wagner has announced that Government are taking the proactive step of legalising nicotine e-cigarettes, a move which Quitline is pleased to hear and support wholeheartedly. More>>

ALSO:

Gordon Campbell: On The Labour/Greens Deal (And The NZDF)

If Labour and the Greens were hoping their Budget Responsibility Rules (BRR) agreement would foster an unlikely alliance then hey… mission accomplished! Because it isn’t every day that Sue Bradford, the CTU and Matthew Hooton speak with one voice, as happened yesterday. More>>

ALSO:

Until After The Election: Extension Of Report-Back Date For Havelock North Inquiry

Attorney-General Christopher Finlayson announced today that the report-back date for the independent Inquiry into Havelock North Drinking-Water has been extended at the request of the Inquiry’s Panel. More>>

ALSO:

Little Heading For Court: Apology Over Donation/Hotel Contract Claims Not Accepted

Today I want to publicly apologise unreservedly to Mr Hagaman for any hurt, embarrassment or adverse reflection on his reputation which may have resulted from my various media statements. I have offered that apology to the Hagamans. More>>

ALSO:

Get More From Scoop

 

LATEST HEADLINES

 
 
 
 
 
 
 
 
Parliament
Search Scoop  
 
 
Powered by Vodafone
NZ independent news