Too often we are told BOTPA (Because of the Privacy Act) to explain why an agency failed to release information when in fact the failure to disclose has nothing to do with the act.
The real reason may be "patch protection" and lack of trust between agencies, meaning that people are less likely to want to release information, even where it is allowed by the act. Information technology systems in different agencies may also be incompatible, making information sharing more difficult on a practical level, even if in theory it is not opposed.
The Privacy Act does not stop you from sharing information when it needs to be shared. In most circumstances relating to the protection of vulnerable children, there will be an exemption when you need it - such as health and safety reasons (where there is a serious and imminent threat) and the maintenance of the law, including the prevention, detection, investigation, prosecution, and punishment of offences (Information Privacy Principles 10 and 11, section 6, Privacy Act).
The Privacy Commissioner herself has stated in the context of the Nia Glassie case that "It's simply wrong for people to use 'privacy' as an excuse for failing to report abuse of children ... There is little that is more serious and imminent than the need to protect a child."
Police and Corrections (as well as any other public sector agency specified by the Minister of Justice) are able to share information about child sex offenders under sections 181A and 182A of the Corrections Act 2004.
This scheme has been set up outside the Privacy Act to provide more clarity, as confusion and a lack of understanding of the act appear to be real problems.
As the Hon Judith Collins said during the first reading of the Privacy (Information Sharing) Bill, "Agencies are already able to share personal information under the Privacy Act, however, the act itself is unclear and can be misunderstood around when and how personal information can be shared."
The act often requires judgment calls from people who are not legally trained. It is discretion-based, rather than rules-based. To avoid the issue, people who are not comfortable exercising discretion are inclined to either seek permission before dealing with personal information or decline to share information at all. Vulnerable children may suffer as a result.
The Privacy (Information Sharing) Bill 2011 which had its first reading on February 8, 2012 proposes two key changes to the Privacy Act: Removal of the "imminence" requirement so that information can be shared even without consent where there is a serious threat; and creating Authorised Information Sharing Agreements which can mandate information sharing as opposed to the present situation where the act allows sharing in certain circumstances.
The bill also provides helpful guidance to people on the ground who are dealing with information sharing as a part of their work on what to consider when assessing whether or not there is a serious threat.
Agreements can contain more certain rules than the act does, making it easier for people to make decisions regarding information sharing. There remain many safeguards for protection in the bill.
In the four seminars we did in Auckland, Wellington, Christchurch and Dunedin for the Social Service Providers Aotearoa Inc on these issues, concerns were raised about whether the bill should mandate reporting of suspected child abuse. That is a separate issue that would be difficult to accommodate in the narrow scope of this bill. But the bill is at present before the Justice and Electoral Select Committee, so now is the time to tell the MPs what you think before the law is passed.
Mai Chen is a partner in Chen Palmer and author of Public Law Toolbox, to be published on March 14.
