Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Shining light on government information requests Octavia Palmer
18 February 2016

dragonfly

Yahoo, Google, Dropbox, Facebook, Microsoft, Trade Me and others do it. We think it would be a good thing if many New Zealand companies decided to do it too.

A transparency report is a statement issued on a regular basis by a company that reveals the number of requests made by government agencies for its user data, records, or content. It is a way that companies can to be open with consumers about the limits of confidentiality, by revealing the extent to which they cooperate with government agencies.

Transparency reporting also helps policy makers and law makers make decisions about the right balance between surveillance powers and individual privacy.

Our transparency reporting trial

Our transparency reporting trial gives us some insight into how law enforcement, intelligence and revenue gathering agencies used their coercive powers to obtain personal information.

The trial last year revealed that government agencies made nearly 12,000 requests to 10 New Zealand companies for personal information.

Over the period August to October 2015, the companies that agreed to take part in our trial received 11,799 requests for their customers’ information. Of these, the companies complied with 11,349 requests, declined 449 requests and partially accepted one.

The 10 companies that contributed to our trial came from the financial services, communications and utilities sectors.

The five government agencies which made the most requests were Inland Revenue (4,670 requests); Police (3,513 requests); Ministry of Social Development (3,150 requests); Ministry of Business, Innovation and Employment (99 requests); and the New Zealand Customs Service (73 requests).

Information gathering powers

The most frequently cited information gathering powers used by government agencies were:

  • section 17 of the Tax Administration Act 1994 (4,470 requests);
  • section 11 of the Social Security Act 1964 (3,108 requests);
  • production orders under section 71 of the Search and Surveillance Act 2012 (962 requests). 

The remaining requests were complied with without compulsion or an express statutory power. The companies in the trial most commonly cited:

  • Principle 11(e) of the Privacy Act (1053 requests);
  • Principle 11 (f) of the Privacy Act (1,020 requests).

Some conclusions

It is important to acknowledge that companies that comply with information requests are fulfilling an essential corporate duty. Government agencies rely on the information they glean to carry out a wide range of legitimate actions, such as fraud detection and crime investigation.

Feedback from the private sector about this trial has been favourable because businesses see it as an opportunity to foster greater consumer trust and to better understand the effect of information requests on their business.

Our findings indicate that companies want advice about how to responsibly publish public transparency reports and the legal implications of responding to government information requests.

Where to next

We are planning to extend the trial this year to learn more about how government agencies use information gathering powers and to find out more about how companies respond to requests for their customers’ information.

If your company is interested in participating in our 2016 transparency reporting trial, please get in touch. For more information about our transparency reporting trial results, please view our report.

Image credit: Grant Holthausen - Dragonfly on a twig

 

1 comments

, ,

Back

Comments

  • The important question are government agencies using this information legitimately?
    For example section 17 of the Tax Administration Act 1994 was used on a Bank to "track down" a Student Loan borrower after mail was returned due to a slight error in address. IRD "found" the borrower but did not tell him that he was thought to have been missing or that they had changed his mail preferences to an inappropriate address supplied by the bank. Under the Privacy Act individuals must be involved or know about changes to information held on them. In this case the borrower had a right to know a section 17 had been used, and nominate a different address.

    Posted by Michael Coddington, 10/04/2016 9:11am (19 months ago)

    Post Reply

    The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.

Latest Blog Entries