The use of data by businesses and government agencies has hit media headlines for all the wrong reasons lately.

The issues that have arisen fall into 3 areas:

  • Data breaches, i.e. Facebook’s data being breached by Cambridge Analytica using Facebook data for profiling for the US election.
  • NZ Government requesting data from businesses, i.e. Facebook saying no to handing over information about Facebook users.
  • Misuse of data, i.e. are companies sharing information when they shouldn’t be?

In addition to this, changes are taking place on the regulation of data privacy and use. NZ has a new Privacy Data Bill in parliament, and the European Union will implement GDPR (General Data Protection Regulation) on 25 May 2018.

So that's a fair bit going on. But don't forget, in NZ there are clear guidelines that protect the privacy of individuals provided via the Privacy Act.

So, are these data issues really a concern to people in the modern world? Aren’t people more accepting of their data being used if it's used for good?

To help answer these questions, I’ve looked to research conducted by the Office of the Privacy Commissioner. The responses provide insight into what kiwis see believe are the issues and if the current measures are actually ok.

New Zealander’s views on privacy concerns and data sharing

Yes, the issue of data privacy is a concern to the NZ public, but the specific areas of privacy issues they are worried about varies.

  • 65% of New Zealanders are concerned to a significant extent about individual privacy and protection of personal information

TM_1

Our concerns are:

  • 87% - Information children put on the internet about themselves.
  • 81% - Credit card data being stolen.
  • 80% - Security of your personal information on the internet.
  • 78% - Businesses sharing their personal information with other businesses without their permission.
  • 75% - Identity theft.
  • 59% - Government agencies sharing personal data with other government agencies without their permission.
  • 47% - Health organization sharing your information with other health organisations without telling you.

62% of New Zealanders think data should not be shared as the risks to people’s privacy outweighs the benefits. New Zealanders are more sensitive about sharing phone, email, earnings, health, location and website visit data.

The below is a ranking that identifies what types of data New Zealanders are most concerned about sharing with organisations:

  • 80% - Phone conversations
  • 80% - Email messages
  • 67% - Personal earnings
  • 65% - Health data
  • 64% - Physical location over time
  • 55% - Websites visited
  • 42% - Purchasing habits
  • 39% - Date of birth
  • 38% - Political and religious views

New Zealander’s willingness to share their information jumps from 38% to around 60% if certain parameters are put in place by organisations:

  • They can choose to opt out
  • There are strict controls on who can access the data and how it is used
  • Data is anonymised and they can’t be identified

Does the Privacy Act and Privacy Bill adequately cover the publics concerns?

Yes! The Privacy Act sets out 12 clear principles for organisations to follow that protects individuals.

The Privacy Bill has also been introduced to parliament to bring the current act into line with overseas initiatives, such as GDPR in the EU, to make the Privacy Act fit for the current advancements in technology, data usage and public views. The Bill is due to come into force on 1 July 2019.

The Privacy Act and Bill covers all the concerns of New Zealanders. In fact, it goes well beyond that to ensure elements such as:

  • Data is collected directly from the individual and the individual is aware it is being collected and the purpose it is being collected for
  • There are measures in place to safeguard the data from misuse, loss or disclosure
  • Individuals can have access to the information held about them
  • It is mandatory to report any data breaches
  • Data must be checked for accuracy before use
  • Cross-boundary data flow is strengthened, i.e. New Zealander’s data being used overseas

Are NZ businesses adhering to the Privacy Act?

The Marketing Association’s opinion is that NZ organisations take data privacy very seriously by placing the individual/customer at the centre of the data decisions, i.e. they ask is this what the customer would want us to do? They do this because they understand the unwritten principle that just because you can (legally) use the data in a certain way, it doesn’t mean you should – the customer might not approve.

New Zealand also has the Data Warranty Register administered by the NZ Marketing Association. Companies that carry the Data Warranted logo treat your personal information with respect and absolute privacy, in accordance with best practice standards and New Zealand law.

 

So, what are our predictions for the future of data privacy and data sharing?

  • Data types, technology advancements and analytic techniques will continue to evolve and push the boundaries of the Privacy Act and what the NZ public views are.
  • The government will continue to observe changes overseas to data regulation such as GDPR, and survey the NZ public to assess their views as well as, continue to update the Privacy Act.
  • NZ organisations will continue to invest in their data protection systems and processes to protect individuals. If they don’t, they risk losing their customers.
  • Governments will continue to request access to data and social media companies will continue to defend the data protection rights of their users.
  • Data breaches are unfortunately likely to continue, but the misuse of data should reduce as the Privacy Bill and GDPR come into effect.
  • New grey areas will emerge on appropriate use of data and sharing of data as data types, technology, and analytic techniques advance.