“The lack of metadata (labelling) coupled with extremely large data holdings has meant that implementing a solution of this size and scale is not achievable at this time,” police told RNZ on Friday.
“Lack of metadata creates challenges with identifying relevant photographs.”
They have got as far as coming up with a plan to delete the photos, and costing it. They did not give the cost.
The privacy commissioner has extended the deadline to mid-2025, but also given police more to do.
They must now create more controls for accessing and using potentially non-compliant photos.
“Exploratory work” on this was now under way with police’s chief information officer and information capability team, police said.
These are the last two out of over a dozen directives imposed on police by the Office of the Privacy Commissioner (OPC) in 2022.
These included having to stop the practice of randomly and casually taking people’s photos, or doing so two times over at a police station, one time officially but a second casually (police said this was with the consent of a person or their whānau, but the OPC rejected that as proper consent).
They also had to dump all the fingerprints they had taken unlawfully, including at the station in this dual, casual way.
Police early on objected that curtailing the practices and deleting the photos would impede their frontline ability to do criminal investigations.
They told RNZ they have now got comprehensive procedures and guidelines around photographing and videoing members of the public, that aligns with legislation.
They recently did a review of smartphone use across 12 districts, and including the Police College, with the results being used now to build “awareness, educate, and engage frontline officers and other staff to drive further improvements in policy and legislative compliance”.
They recently updated instructions to staff about biometrics which include photos and fingerprints.
