29 October 2015

The uproar Westpac Bank has understandably caused by releasing personal details regarding Nicky Hager to the Police highlights once more the fragility of public protections in the age of increasing datafication. No matter how it is explained, it is clear Westpac obviously overstepped the mark and will now have to deal with the wrath of customers and the likely loss of accounts that has unleashed.

While that is its commercial problem, the bigger issue this incident highlights once again is the need to ensure the greatest safeguards are both in place and upheld when it comes to the protection of personal privacy. Of course, there is a tension. Citizens have shown overwhelmingly their growing desire to do their business – with the government and the private sector – digitally. And, of course, they expect there to be a reasonable level of basic information-sharing between agencies to prevent duplication and save their time. But alongside that, they have an equally strong expectation that there will not be abuses, and all reasonable attempts will be made to ensure that fundamental values such as the right to personal privacy and safety are not compromised.

The reality is that the age of information-sharing is here to stay, so the challenge is not so much one of holding fast the ramparts against the sharing of data, as it is one of drawing the boundaries clearly, so that the benefits of more information-sharing always outweigh the costs. Information-sharing needs to be customer driven, rather than at the convenience and behest of institutions. For their part, institutions, private and governmental, must never forget that the information they gather and hold is on behalf of citizens, for their genuine benefit. It is not the institutions’ information to be shared at their whim.

It is too easy for politicians to keep saying that better information-sharing is the answer to every problem. While that is undoubtedly true in a number of instances, it is not universally so. There has to be a purpose to information-gathering and sharing – it cannot be just an end in itself. As citizens, we have a right to expect that, not just to be part of an ever-increasing database. Digital transformation is not just about system upgrades, or greater sophistication – to be sustainable its focus has to be on demonstrating a positive, specific and noticeable benefit to the citizen. Convenience must always be balanced by the right to privacy citizens enjoy.

The Westpac case is a good example of what happens when either systems fail, or more likely, the people operating them seek to make a moral judgement about the worth of the information they hold and how it might contribute to what they see as a greater good.

Incidents like this do nothing to build public confidence in the sustainability of a digital future. New Zealand is at the forefront of nations providing services digitally, and our ongoing ability to make progress and secure greater benefits for our citizens rests on their general support. Every privacy breach threatens that goodwill.

That ongoing tension between the advantage of a more digitally oriented society and the protection of personal privacy will not abate while there is any whiff that institutions are cavalier with the personal privacy details they hold. There have been too many incidents in New Zealand in recent years where personal privacy has been sacrificed for a perceived greater good. While that bias remains, we will not secure the full advantages of digital transformation.

Ultimately, this process has to be about using digital transformation to enhance people’s quality of life, and not just one more way to subjugate and control them.