Stalling on privacy report fuels speculation

NZ Herald

21 May, 2013 05:30 PM2 mins to read

Privacy Commissioner Marie Shroff. Photo / NZPA

The Government has withheld the findings of a review of the state sector's vulnerability to privacy breaches for several months, creating speculation problems have been uncovered.

Government Chief Information Officer Colin McDonald announced a review of the security of publicly accessible state sector agency IT systems in October last year in response to revelations that private data could be obtained via the Ministry of Social Development's public computer kiosks.

A draft of the review was supposed to have been given to the Government by November 27 last year but is yet to see the light of day.

The State Services Commission has now confirmed the review has been completed. The Herald understands it will be released next week.

Privacy Commissioner Marie Shroff said she understood the report had been completed and delivered to State Services Commissioner Iain Rennie before Christmas last year and Mr Rennie and the Government had been working on their response since then.

However Ms Shroff said there may be good reasons for delaying the report's release.

"If serious vulnerabilities have been discovered it's obviously important to get those closed as far as they can before going public.

"It's also important to get things right before you go public and we certainly wouldn't want to see them doing something that put the public's information at risk."

A spokeswoman for Internal Affairs Minister Chris Tremain said he would not comment until the report was released.

Labour MP Sue Moroney's members bill that would beef up the Privacy Commission's ability to police privacy issues in the public sector was drawn from Parliament's ballot last week.

She said the bill picked up recommendations for a review of the Privacy Act from the Law Commission two years ago which Justice Minister Judith Collins last year indicated the Government would enact via its own legislation.

"The Government has clearly been dragging its feet on addressing the privacy concerns, both through the legislation they've promised and now obviously with the delay in going public with the review from their own Chief Information Officer."