KEY POINTS:
New Zealanders who find themselves victims of overseas-based identity fraud may have few avenues for redress, the Privacy Commissioner warns.
At a time when dataflow across borders is booming, Marie Shroff is urging New Zealanders to be wary of the threat of privacy breaches where New Zealand laws would not apply.
"If information is being misused overseas, things can be done but they'd have to be done on a Government-to-Government level," she said.
Ms Shroff's concerns follow an increase in information such as passport, credit and bank details being stored and processed overseas.
Government agencies and private companies are bound by the privacy laws of the country they are based in, but an international company with no base in New Zealand may not offer any protection.
However, Ms Shroff said an invisible hand exists in the private sector that looks after privacy interests.
"Most international companies are increasingly aware of the importance of privacy in retaining customers. Take a bank or insurance company: if they offend or lose the trust of a customer it will directly affect their bottom line, so what's good for privacy is good for business.
"In New Zealand we have a sound Privacy Act based on international standards, and increasingly this is being reinforced and even overtaken by private sector concern with retaining customer trust. There's starting to be a virtuous circle on protecting personal information."
Breaches of privacy could end in a range of consequences, from the irritating - direct advertising, spam, junk mail - to the financially and emotionally crippling - thefts and identity fraud.
These risks have increased with the internet and technological advances, prompting warnings of a Big Brother society where electronic imprints are everywhere: eftpos and credit-card transactions, hidden work cameras and CCTV footage, online shopping, loyalty cards such as FlyBuys and Onecard, and public and private sector databases for health, tax, insurance and banking.
"I sometimes say it's like Comet McNaught, where you have trailing behind you a huge trace of information," Ms Shroff said.
"People think they're moving through space alone, but in fact they're leaving behind a huge number of electronic traces."
Detective Senior Sergeant Dave Potaka said police monitor overseas-bound dataflow in the sense that they "monitor activity that is fraudulent, wherever it might be".
He said most victims of overseas identity fraud were those who fell prey to internet-based scams, such as the emails from Nigeria that asked for bank details.
High-profile domestic cases included Mosgiel man Shane Pritchard, who claimed in 2005 that his life was a living hell because his namesake kept pinning criminal deeds on him.
In a more recent case, Carolyn Jameson had six months added to her jail term after being caught applying for a passport using someone else's birth certificate.
Mr Potaka said police could investigate an overseas-based case through Interpol and diplomatic services, "but at the end of the day we're bound by the different laws of different countries and international law".
Ms Shroff said New Zealand privacy laws were sound, but the best defence was the wary consumer.
"New Zealanders need to be careful who they disclose information to, and how much they disclose, whether in New Zealand or overseas.
"Read the fine print carefully. It is up to you to decide if you're prepared to have information shared. And come to me if you see practices that you think are overly intrusive."
Why worry?
* Bank, passport and personal information is increasingly being stored and processed overseas, where New Zealand privacy laws may not apply.
* New Zealanders should be very wary of signing up and providing information to an overseas-based company.
* Privacy breaches include accessing personal information.
