Privacy breaches 'milked for own gain'
The new privacy commissioner says there is a "disturbing" trend for people to use privacy breaches for their own gains.
Speaking before MPs at a select committee hearing in Parliament yesterday, commissioner John Edwards said that, in the rush to share and connect information online, companies and government agencies had not properly considered privacy.
He pointed to the 2011 ACC privacy breach in which a spreadsheet containing the details of 6000 sensitive clients was accidentally sent to an ACC claimant.
"Why do we need to email a spreadsheet containing details with 6000 people to 35 managers? Why do these managers all need this personal information?"
However, he also criticised the accidental recipients of private information for seeking publicity or personal gain instead of returning it. "No right-minded member of the community, when they stumble across a wallet containing identifying details and thousands of dollars, would think they had a right to keep that."
The privacy breaches were often used by people who were frustrated and locked into a struggle with a big organisation, such as ACC or the Earthquake Commission. "They [the organisations] tend to put a lot of effort into getting their business through and maybe need to think about how do we deal with people who feel they are mistreated. How do we give them a fair go?"
In 2011, ACC claimant Bronwyn Pullar received the personal details of 6000 sensitive ACC clients by accident via email.
ACC later accused her of attempting to use the information as leverage in her battle for ACC cover, a claim she denied and was later proven untrue.
Last year, EQC accidentally sent one of its biggest critics, Christchurch independent assessor Bryan Staples, the details of 83,000 of its clients.
Marc Krieger, a blogger and former EQC employee who also got hold of the information, published it online. EQC eventually went to court, spending $150,000 to prevent the further release of the information.
The Dominion Post