The new privacy commissioner says there is "disturbing" trend of people using accidentally acquired personal information for their own gains.
Commissioner John Edwards told MPs at a select committee hearing today that in the rush to share and connect information online companies and government agencies had not properly considered privacy.
He pointed to the 2011 ACC privacy breach in which the details of 6000 sensitive client were accidentally sent to an ACC claimant.
"Why do we need to email a spreadsheet containing details with 6000 people to 35 managers?," he said.
"Why do these managers all need this personal information?" However, he also criticised the accidental recipients of private information for seeking publicity or personal gain instead of returning it.
"No right-minded member of the community, when they stumble across a wallet containing identifying details and thousands dollars would think they had a right to keep that," he said.
The privacy breaches were often used by people who were frustrated and locked into a struggle with a big organisation, such as ACC or the Earthquake Commission.
"They (the organisations) tend to put a lot of effort to getting their business through and maybe need to think about how do we deal with people who feel they are mistreated. How do we give them a fair go?" Edwards said.
In 2011, ACC claimant Bronwyn Pullar was accidentally sent the private details of 6000 sensitive ACC clients in an email attachment.
ACC later accused Pullar of attempting to use the information as leverage in her battle for ACC cover, a claim later proven untrue.
Last year, EQC accidentally sent the details of 83,000 of its clients to one of its biggest critics, Christchurch independent assessor Bryan Staples.
Marc Krieger, a blogger and former EQC employee who also got hold of the information, published it online.
EQC eventually went to court, spending $150,000, to prevent the further release of the information.
Is Andrew Little a good choice to lead Labour?