Gordon Campbell | Parliament TV | Parliament Today | Video | Questions Of the Day | Search

 


Dalziel: Privacy Issues Forum

27 August 2008 Speech Notes

Privacy Issues Forum

Associate Justice Minister Lianne Dalziel's speech to officially open the Privacy Issues Forum
Intercontinental Hotel,
Grey Street, Wellington
9.00am

Privacy Commissioner, Marie Shroff, thank you for inviting me to open today's forum. May also acknowledge Sir Geoffrey Palmer, head of the Law Commission, and Professor John Burrows, the law professor I studied under at Canterbury University.

I looked back over my speech notes from the last time I opened a privacy issues forum, which was in 2003. There are things that have changed in the five years since I gave that address – Marie Shroff has taken over from Bruce Slane as Privacy Commissioner. There is a substantial review of privacy being undertaken by the Law Commission, whereas when I last spoke on the subject, the Law Commission was analysing the results of submissions it had received in response to a somewhat less detailed discussion paper that had been issued the year before and, of course, Sir Geoffrey has replaced Justice Robertson as the head of the Law Commission.

The opening address that day was given by Justice Michael Kirby, which I recall being particularly thought-provoking, touching as it did on the massive data-banks held by airlines and justifying the degree of scrutiny officials place on passenger lists by our respective countries' decision not to require everyone to carry an identity card.

The point in common between the two forums is that I remain committed to introducing the Privacy (Cross-border Information) Amendment Bill. The only difference this time is that I have actually introduced a Bill, whereas in 2003 it was an aspiration. It is set down for a first reading and has the agreement of support parties for referral to a select committee. The Bill addresses two deficits in the Privacy Act, which does not currently allow foreign nationals resident overseas to make information privacy requests, and does nothing to prevent data received from overseas being transferred outside New Zealand to a jurisdiction without adequate privacy protection.

The 2003 Forum had many eminent speakers as does today's forum. All of the speakers today have made sizable contributions to the various debates on privacy issues, so I anticipate that the discussion will be both thought-provoking and lively. I am including my sister Kathryn in this description because she is highly regarded in the privacy field, but also to ensure that she doesn't get the chance to imply that I am her mother, which I am told is what she does when I am not present.

My interest in privacy legislation dates back to the passage of the Privacy Act 1993, when as a member of the Justice & Law Reform Select Committee, I gained an important insight into not only the range of academic views on the subject, but also the range of public opinion that continues to exist today. The history of New Zealand's legislation lies in part in the desire to be consistent with the OECD Guidelines, but we should not forget - the broader concept of privacy dates back to the Universal Declaration of Human Rights. And as a human right, it has never been more important than it is today with technology making personal information more accessible. It was no accident that a Bill that began its passage through Parliament as the Privacy of Information Bill became the Privacy Act.

The theme of the Forum this year is "Privacy is your business" which has two meanings.

First of all, privacy matters to individuals. We are now at the point where the collection, use, storage, and disclosure of personal information can occur unnoticed, across borders, and at phenomenal speeds. Privacy is in that sense, very much, your business.
Second, privacy matters to business. Major advances in technology have changed the way in which personal data is collected, stored, and used. The challenge for business is to ensure the benefits obtained through the use of new technology do not compromise individuals' expectations about the security of and use of their personal information. It isn't a case of one or the other. Business efficiency and information management processes that respect individuals' privacy expectations go hand-in-hand.

A business that cannot assure its customers that their privacy will be respected will lose customers to competitors. Here, the degree of trust customers have in the businesses they deal with is paramount.

Let me use the example of the sign that appeared on the airline counters after the current law was first passed. It indicated that the airline would not give out information about passengers due to the Privacy Act 1993. My view was that the notice should have said: 'Because we value our passengers' right to privacy, we do not give out information about our passengers to anyone without their permission.' Advising customers that they had always followed this practice, even before the law change, would have been more honest as well.

I would like to talk more about this issue of trust, and its importance in maintaining an ongoing relationship between a business and its current (and potential) customers.

Before the information technology boom, collection and disclosure of personal information was far more limited. Most personal information was stored manually and it wasn't easy to copy or disseminate written information. A lot more personal information had to be obtained from individuals themselves and that's where trust came into play. Things have changed. The ability to print, photocopy, photograph, videotape, record, collect and analyse biometric information, and so on, means there is no longer a serious barrier to the collection or distribution of personal information. Nor does much of it have to be obtained from the individual concerned.
Increasing use of technology has reduced the personal association between the business collecting the personal information and the individual whose privacy is at stake. Individuals may be perceived, in a millisecond, as "information" in an email, on a disk, or on a webpage. Participants to a transaction may be on the other side of the world from each other. This relative weakening of social relationships weakens the interpersonal regulation of the transfer of personal information.

In an environment where masses of personal data can be disclosed to large numbers of people at the click of a mouse, trust has become more important than ever.

Individuals need to trust that the businesses they deal with will respect their personal information and protect their privacy. But this trust needs to be earned and re-earned. A business that breaches a customer's privacy may not get a second chance. There have been a number of recent examples of privacy breaches that are likely to lead directly to a loss of trust. There was the ticketing company which sent an e-mail to everyone on its mailing list without blocking the display of individual email addresses. And there was the university whose computer "glitch" enabled students to access other student's academic records. The same fault could affect any business that enables customers to access accounts online with disastrous effects on client confidence.

We can't go back to the days where personal information was disclosed only within trusting interpersonal relationships. Few would want to sacrifice the amazing developments in communications technologies to do so. What businesses need to continue to do is adapt.

One way in which businesses can do so is to develop proxies for trusting relationships "at a distance". As the Privacy Commissioner has said before, good privacy is good business. And businesses that are not trusted are not good long- term prospects.
Development of transparent privacy policies that comply with the Privacy Act and best practise will help businesses gain the level of trust needed to attract and retain customers. Secure websites and data storage, complaints procedures, monitoring, staff training, corporate responsibility, and accurate, up to date and honest information for consumers will enhance that trust. Businesses can help themselves by developing top-down privacy-conscious cultures.

The government has a role in enhancing trust too. The Privacy Commissioner's role in promoting privacy awareness is pivotal. With increasingly complex new technologies, New Zealanders need a legitimate source of information about risks to their personal privacy and how to respond to those risks. I applaud the Commissioner's proactive approach in this area and note in particular her focus on educating the young. We can learn from our technologically-savvy young people and I look forward to seeing the video of the winning entrant to the secondary schools video competition for Privacy Awareness Week.

These forums are also an important part of Privacy Awareness Week, because they give us the chance to dissect important issues that are not only a challenge in New Zealand but which challenge other jurisdictions as well.

I have noted that this afternoon's session will include discussion on information disclosures between agencies. This is a vital area of concern for the government. It is not yet entirely clear what people's understandings and expectations of inter-agency information sharing are. We all seem to know when information should have been shared, but that tragically is usually immediately after something has gone terribly wrong and it would appear with the benefit of hindsight that information held by one agency should have been shared with another.

I welcome the discussion this afternoon and encourage you all to think seriously about what is an incredibly important issue.

I conclude with a comment about trusting relationships "at a distance".
I said earlier that trusting interpersonal relationships are no longer the primary enabler of personal information transfer; technology is. Modern privacy law either ensures the individual retains some degree of control over the transfer or approximates a trusting interpersonal relationship – an honest broker as it were.

As technologies continue to evolve and individuals become more burdened by more complex privacy waivers, drivers to eliminate individuals from the information transfer equation will increase. This will mean the primary challenge for law reformers will be to design options such as privacy policies, privacy responsibility plans, privacy standards and technology design standards that can intervene to approximate trusting interpersonal relationships.

I hope you all enjoy an interesting and productive day at today's Privacy Issues Forum and on that note I declare the forum open.


ENDS

© Scoop Media

 
 
 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

2040 Target And Lower Standards: “Swimmable” Rivers Five Times More Likely To Make You Sick

Forest & Bird has condemned the government’s new water quality standards, warning New Zealanders that they lock in current levels of water pollution and allow for a 5-fold increase in the chance of getting sick from swimming in a river.

“Despite an explicit assurance from Minister Smith that the new water standards would provide for human and ecosystem health, he has failed to deliver on either of these things,” says Forest & Bird CEO Kevin Hague. More>>

ALSO:

 
 

Immigration: Clampdown On Rogue Employers Good First Step

The Human Trafficking Research Coalition is pleased at the new clampdown on rouge employers who exploit migrants announced by Minister Woodhouse this morning, and believes this is a step in the right direction. More>>

ALSO:

Mayor: 750 New Social And Affordable Homes For Wellington (Over A Decade)

The next stage of Wellington’s Housing Upgrade Programme will see at least 750 new units of social and affordable housing built over the next decade, Mayor Justin Lester has announced. More>>

ALSO:

22/2: Christchurch Quake Memorial Unveiled

A city, a region, a nation and an international community impacted by the Canterbury Earthquakes will come together to mark the sixth anniversary of the deadly quake and dedicate Oi Manawa Canterbury Earthquake National Memorial. More>>

ALSO:


November Quakes:

Gordon Campbell: On The Mana-Maori Party Deal

If the self-interest involved wasn’t so blatant, the electorate deal between the Maori Party and Hone Harawira would be kind of poignant. It’s a bit like seeing the remaining members of Guns’n’Roses or the Eagles back on the road touring the nostalgia circuit… playing all the old hits of Maori unity and kaupapa Maori politics. More>>

ALSO:

Private Provision: First Social Bond To Focus On Mental Health

New Zealand’s first social bond will help around 1700 people with mental illness into work, Finance Minister Steven Joyce and Social Investment Minister Amy Adams say. More>>

ALSO:

Immigration: Short Reprieve For Nine Indian Students

A temporary hold on deportations of nine Indian students is a step in the right direction but the Government urgently needs to implement safeguards to stop further injustices to more international students, the Green Party says. More>>

EARLIER:


Megaupload Case: High Court Rules Dotcom, Co-Accused Eligible For Extradion

Internet entrepreneur Kim Dotcom and his three co-accused are eligible for extradition to the United States, New Zealand's High Court ruled... Justice Murray Gilbert upheld a decision by the District Court that there were grounds for Dotcom, Mathias Ortmann, Bram van der Kolk and Finn Batato to be extradited. More>>

ALSO:

PREVIOUSLY:

Port Hills Fire: Midday Update, Monday 20 February

• 9 homes destroyed
• 2 homes with partial damage. Damage includes things like cracked windows, heat damage.
• 3 properties with damage to other external structures e.g sheds or outbuildings More>>

ALSO:

Get More From Scoop

 

LATEST HEADLINES

 
 
 
 
 
 
 
 
Parliament
Search Scoop  
 
 
Powered by Vodafone
NZ independent news