Westpac apologises and settles with Nicky Hager over privacy breach

Westpac have apologised to Nicky Hager and agree to pay costs and compensation, settling a complaint by Nicky Hager when Westpac illegally provided the police with banking data when investigating the hack of Cameron Slater (breaching his privacy) that contributed to the book Dirty Politics.

Hager’s lawyer Felix Geiringer:

Nicky Hager has settled his privacy dispute with Westpac with the Bank agreeing to change its terms. Full media statement below.

NZ Herald details Westpac’s apology in Westpac admits breaching Nicky Hager’s privacy by giving records to police

Westpac said in a statement its new policy now required a production order from authorities before releasing private information, except in “extremely limited circumstances” such as Police searches for missing persons.

“We apologise to Hager for our part in the distress these events have caused him and his family”.

“Westpac’s practice at that time was to comply with such requests in the belief that it was entitled to do so under the Privacy Act. However, in the light of the public discussion of Hager’s and other cases, it is clear that bank customers reasonably expect that in similar circumstances such data will be kept private.”

While this is a victory for Hager it is also a win for privacy in general and proper police investigation processes.

The police have already apologised and settled:  Police apologise to Nicky Hager

In a settlement with far-reaching implications, the New Zealand Police have apologised to Nicky Hager for multiple breaches of his rights arising from their 2014 investigation into Dirty Politics.

Nicky Hager’s home was raided by Police in October 2014. The raid was part of an investigation into the source of Nicky Hager’s book, Dirty Politics. In 2015, the High Court ruled that the warrant that was used for the raid was “fundamentally unlawful”. However, many more alleged breaches of Mr Hager’s rights were left to be resolved at a later hearing.

In today’s settlement, Police have accepted that they did not have reasonable grounds for the search, that they attempted to breach Mr Hager’s journalistic privilege in multiple ways, and that they unlawfully obtained his private information from third parties including his bank. [The full Police statement is included below.]

“This is a very important agreement,” said Mr Hager. “The Police have admitted that many things they did in their investigation and search were unlawful. This sends a vital message that people can share important information with journalists with confidence that their identities will be protected. The Police have apologised for threatening that confidentiality and trust.”

As part of the settlement Mr Hager is to receive substantial damages and a substantial contribution to his legal costs. Mr Hager said “Under the agreement, I am not allowed to name the figure. However, it gives the strongest possible indication that Police accept the harm they caused and are much less likely to treat a journalist this way again. The money will help support important work in years to coming.”

During a 10-hour search of his home in 2014, Mr Hager claimed journalistic source protection privilege. He later learned that Police officers breached express promises made during the search and photographed privileged documents to use in their investigation. Police also sought to circumvent Mr Hager’s rights to source protection by obtaining his private information from third parties such as Air New Zealand, Qantas, PayPal, Customs, WestPac, Vodafone, and Two Degrees. Luckily, none of this succeeded in exposing any sources.

“This has been a long fight, but we stuck at it because we believe what we were fighting for was important,” Mr Hager said. “I want to thank my legal team and all of the people around New Zealand who have cared about the case and supported it over the last three and a half years”.

There are other questions raised in this about the speed and degree police investigated Hager after a complaint by Slater, compared to how the police have dealt with complaints made against Slater, for example the soliciting of a hack of The Standard, which Slater admitted in being offered (by police) and getting diversion despite having had diversion previously.


Facebook faltering, slow Zuckerberg reaction may be futile

While a lot of the recent news has focussed on a UK based company, Cambridge Analytica, and it’s involvement in many elections around the world, in particular the UK Brexit vote and the 2016 US presidential election, the company at the core of all of this, the enabler of all of this, has been Facebook.

After several days silence in the face of a growing storm Facebook founder and head Mark Zuckerberg emerged with an attempt at damage control yesterday. He made tis statement )on Facebook of course):

I want to share an update on the Cambridge Analytica situation — including the steps we’ve already taken and our next steps to address this important issue.

We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you. I’ve been working to understand exactly what happened and how to make sure this doesn’t happen again. The good news is that the most important actions to prevent this from happening again today we have already taken years ago. But we also made mistakes, there’s more to do, and we need to step up and do it.

Here’s a timeline of the events:

In 2007, we launched the Facebook Platform with the vision that more apps should be social. Your calendar should be able to show your friends’ birthdays, your maps should show where your friends live, and your address book should show their pictures. To do this, we enabled people to log into apps and share who their friends were and some information about them.

In 2013, a Cambridge University researcher named Aleksandr Kogan created a personality quiz app. It was installed by around 300,000 people who shared their data as well as some of their friends’ data. Given the way our platform worked at the time this meant Kogan was able to access tens of millions of their friends’ data.

In 2014, to prevent abusive apps, we announced that we were changing the entire platform to dramatically limit the data apps could access. Most importantly, apps like Kogan’s could no longer ask for data about a person’s friends unless their friends had also authorized the app. We also required developers to get approval from us before they could request any sensitive data from people. These actions would prevent any app like Kogan’s from being able to access so much data today.

In 2015, we learned from journalists at The Guardian that Kogan had shared data from his app with Cambridge Analytica. It is against our policies for developers to share data without people’s consent, so we immediately banned Kogan’s app from our platform, and demanded that Kogan and Cambridge Analytica formally certify that they had deleted all improperly acquired data. They provided these certifications.

Last week, we learned from The Guardian, The New York Times and Channel 4 that Cambridge Analytica may not have deleted the data as they had certified. We immediately banned them from using any of our services. Cambridge Analytica claims they have already deleted the data and has agreed to a forensic audit by a firm we hired to confirm this. We’re also working with regulators as they investigate what happened.

This was a breach of trust between Kogan, Cambridge Analytica and Facebook. But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.

In this case, we already took the most important steps a few years ago in 2014 to prevent bad actors from accessing people’s information in this way. But there’s more we need to do and I’ll outline those steps here:

First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.

Second, we will restrict developers’ data access even further to prevent other kinds of abuse. For example, we will remove developers’ access to your data if you haven’t used their app in 3 months. We will reduce the data you give an app when you sign in — to only your name, profile photo, and email address. We’ll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we’ll have more changes to share in the next few days.

Third, we want to make sure you understand which apps you’ve allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you’ve used and an easy way to revoke those apps’ permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.

Beyond the steps we had already taken in 2014, I believe these are the next steps we must take to continue to secure our platform.

I started Facebook, and at the end of the day I’m responsible for what happens on our platform. I’m serious about doing what it takes to protect our community. While this specific issue involving Cambridge Analytica should no longer happen with new apps today, that doesn’t change what happened in the past. We will learn from this experience to secure our platform further and make our community safer for everyone going forward.

I want to thank all of you who continue to believe in our mission and work to build this community together. I know it takes longer to fix all these issues than we’d like, but I promise you we’ll work through this and build a better service over the long term.

It was noted that he made excjses but didn’t apologise in that statement, but he went on to say sorry in an interview.

CNN: Mark Zuckerberg has regrets: ‘I’m really sorry that this happened’

“I’m really sorry that this happened,” the Facebook (FB) CEO told CNN’s Laurie Segall in an exclusive TV interview on Wednesday.

“I started this when I was so young and inexperienced,” the 33-year-old Zuckerberg said. “I made technical errors and business errors. I hired the wrong people. I trusted the wrong people,” he said.

“I’ve probably launched more products that have failed than most people will in their lifetime.”

But ultimately, he said, he’s learned from his missteps.

“That’s the commitment that I try to have inside our company, and for our community.”

But that’s a piss poor apology. He has said he is sorry it has happened, but then went on to make excuses. His assurances he can put things right are very late and quite lame.

Also on the CNN interview: Mark Zuckerberg tells CNN he is ‘happy to’ testify before Congress

Mark Zuckerberg apologized for the data debacle that has upended Facebook and opened the door to testifying before Congress.

“The short answer is I’m happy to if it’s the right thing to do,” the Facebook (FB) CEO told CNN’s Laurie Segall in an exclusive TV interview on “Anderson Cooper 360.”

“What we try to do is send the person at Facebook who will have the most knowledge,” Zuckerberg said. “If that’s me, then I am happy to go.”

If Congress subpoenas him to appear it doesn’t matter how happy Zuckerberg is, he is compelled to appear, it won’t be his choice.

He seems a long way from properly accepting responsibility for the shoddy security of billions of people’s privacy.

And Zuckerberg and Facebook may have put themselves into a hopeless situation.

Blomberg: Mark Zuckerberg Has No Way Out of Facebook’s Quagmire

There’s simply no way to fix the fake news and data abuse problems without destroying the social network’s business model.

I think I understand why Facebook Chief Executive Officer Mark Zuckerberg hasn’tpublicly responded to the Cambridge Analytica scandal. He’s stuck in a catch-22. Any fix for Facebook’s previous big problem — fake news — would make the current big problem with data harvesting worse.

Zuckerberg has obviously responded since this was written, but the same problem persists.

As a media company and one of Americans’ top sources of information, Facebook’s de facto anonymity and general lack of responsibility for user-generated content make it easy for propagandists to exploit. Making matters worse, it isn’t willing to impose tighter identification rules for fear of losing too many users, and it doesn’t want to be held responsible in any way for content, preferring to present itself as a neutral platform. So Zuckerberg has been trying to fix the problem by showing people more material from friends and family and by prioritizing “trusted publishers” and local news sources over purveyors of fake news.

Facebook continues to struggle on the sharemarket today (Thursday US time) after an abrupt fall early this week. And the worst may be ahead for Facebook.

Chinese sounding names revisited

In 2015 Labour got blasted for their claims that data of Chinese-sounding-names proved some point about housing. Most of what I remember is the mess Labour made of it.

Russell Brown has some new information on this that looks bad for both Labour and for the media that ran their story.

At Public Address – Harkanwal Singh: What really happened with those Chinese-sounding-names

The 2015 publication of what has become known as the the “Chinese-sounding-names” story on Auckland home ownership was, says Harkanwal Singh, “a really pivotal moment for me, working in a New Zealand newsroom. Because that’s when I realised that things don’t have to be true to be published.”

Singh was working as the New Zealand Herald’s first dedicated data journalist and was at the meeting where Labour Party MP Phil Twyford and party researcher Rob Salmond brought in their data – which they said showed a hitherto unsuspected level of Chinese foreign ownership in Auckland housing.

“They said ‘we’re not being racist’ as they handed over the data set,” he told Jogai Bhatt and I at last Sunday’s Orcon IRL.

Singh’s questions over the data delayed publication by a week. During that week he contacted Auckland University’s Thomas Lumley and Edward Abraham of Dragonfly Data Science (“the best statisticians in the country”).

“And I went back to my editors and I said, look, you should publish it, but you should say that Labour is saying this – and the statisticians are saying that it’s not true.”

His suggestion was not taken up by his editors.

“The story ran with the headline ‘We have Chinese buyers’ and and all I did was add some bullet points which said ‘this data is wrong’. But they were published on the fifth page, inside, in a little box, so no one really saw them.

“It was hugely problematic and as a immigrant and as a person of colour, I saw a huge problem with it. But no one else in the newsroom saw any problem with it. And when I approached senior journalists I was told ‘it’s a great story’.

“I think it’s still not been addressed and no one’s really addressed how they went about doing it. And it’s a huge issue of data literacy if you’re just going to publish analysis done by political parties for their own goals.”

Concerns of a data expert were ignored in the race to make headlines. This is a stain on the Herald as well as on Labour.

Video of the whole interview:

While this was poorly done by Labour and by the Herald there could be valid concerns about who was buying and financing properties that stoke the price surge.

James Ting-Edwards in comments:


Among the sad parts of this story is that the “foreign money” conversation could have happened without anti-migrant language or dog-whistles.

David Hood had a good go at telling that story here (with the graph above), drawing on data to show a divergence between the rise in NZ house values and domestic borrowing. That “magic money” came from somewhere, and is a legitimate domestic policy target regardless of its source in terms of countries, geopolitics, or cultural ties.

He quotes a key paragraph:

Is all the magic money offshore capital? We just don’t know. There is a lack of evidence of it coming from other parts inside the New Zealand economy, and given the hundreds of billions of dollars, a local source would be somewhat obvious. We also know that in other countries, with more internal housing markets, household debt does not just match the pattern of house value, the amounts add up to the same in gains. In New Zealand there is a 300 billion shortfall.

Proper investigations by Labour and the media may have found the answers.

Instead they went for dog whistling using dodgy data.

Phil twyford is now Minister of Housing, and NZ Herald continues to promote click bait headlines and sack journalists.

Bradbury does dirty

This morning Martyn Bradbury posted

BREAKING EXCLUSIVE: Massive online ACT Party data breach

The Daily Blog has been contacted with information that the ACT Party database has been left open online…

…we’ve had a look, and they are right. There is a huge data base of members and donors on the list, alongside a fascinating document from Franks/Ogilvie to the hard right NZ Initiative outlining their hatred of Maori gaining any power under the new RMA.

As far as I can see the entire database of donors and members are just open on this and I estimate there maybe about a 1000 names there.

To protect their privacy we won’t publish any of their details, but ACT might want to hire someone to make their database secure.

If ACT did have insecure date publicly accessible on a website that’s embarrassing for them and fair enough to point it out and to score a political hit.

But beyond that Bradbury has acted in an inexcusable, despicable way, as did the person he claims alerted him to it. This looks to be as dirty as when Cameron Slater went far to far when someone found insecure data on a Labour Party website.

This is as bad as finding an unlocked building and entering and rummaging through cupboards and drawers, and taking copies of information and publishing it.

Bradbury published information that could reasonably expected to be not intended for the public to see.

The person who enabled Bradbury to breach privacy like this is more culpable.

If the data was still insecure when Bradbury publicised it that put it at great risk of other people finding and copying data and information.

Again, going online publicising an unlocked door is highly unethical.

As per the Slater-Labour breach, fine to publicise lax security, but accessing and searching and publishing information is inexcusable and possibly illegal.

The proper thing to do would be to advise the owner of the data that it was insecure, and after it was secured then fair enough to go public.

What Bradbury has done here is admit himself to the dirty politics hall of infamy occupied by Slater.

Bradbury promotes The Daily Blog as a shiny new alternative to mainstream media (similar to Slater and Whale Oil). Very sadly both operate in the social media gutter.

This makes him more like a sensation and attention seeking scummy dirty blogger. D

It’s hard to believe how irresponsible Bradbury has been here – more so than whoever was responsible for insecure data.

Other contributors to The Daily Blog should be concerned and embarrassed by this.

CIA versus Facebook


Wikileaks released information today about how the CIA can hack devices for surveillance, like TV sets. Sounds terrible.

But what is the ordinary person most at risk of, the CIA spying on them (very slim chance especially here in New Zealand) or Facebook monitoring everything you do online and storing data history of millions of people, with that data being used to directly influence individuals?

And on WikiLeaks:

Salmond back on Labour staff

Rob Salmond has announced (at Public Address) that he as back as a Labour Party leader’s staffer. David Farrar thinks this will be to utilise his data skills for voter targeting and turnout.

Salmond has been in and out of Labour offices. Back in January 2013 Farrar posted at Kiwiblog:  Salmond rejoins the Labour Leader’s Office

on his website discloses:

I am a native-born New Zealander, and also hold US citizenship. I work as Political Director in the Office of the New Zealand Party Leader, a position I have held since early 2013.

I have been a member of the labour party since 1998, and have worked on various partisan and independent campaigns for left-leaning government in New Zealand since 1996.

Earlier New Zealand-based work included positions in the Office of the Prime Minister (2007) and the Ministry of Foreign Affairs and Trade (1998-2001).

It’s fascinating that Rob has moved back to New Zealand to take up this role. A very smart appointment by Robertson and Cameron as I rate Rob’s political and data skills very highly. I expect to see his presence lead to significant changes in Labour’s political operations.

A month before the 2014 election Stuff reported:

Labour leader tried to score a point over John Key yesterday by saying he rarely talks to bloggers, but that seems a stretch.

One of his closest advisers (priming him for the televised debates) is Polity blogger Rob Salmond.

Labour’s vote dropped to 25% in that election, so any changes introduced and advice given by Salmond didn’t help.

Yesterday Salmond announced at Public Address where he had been blogging:

Catch you later

This is my last PA post for a while, as I’ve recently taken on a staff role as Deputy Chief of Staff in Andrew Little’s office

Today Farrar commented on this in Back to the mothership:

Rob specialises in data and politics. I suspect this means Labour will be focusing much more on voter targeting and turnout.

However as we saw with the US election all the data in the world won’t get the wrong candidate elected.

Salmond must think he’s backing the right candidate this time.

He and Labour seem confident that their mayoral campaigning – see Salmonds previous post Four thoughts on polling in Wellington’s mayoral election – had the right formulae.

A key question though – is Andrew Little electable? Perhaps. He shares something in common with someone else’s campaign. Donald Trump had never previously won an election.

Hottest April on record ‘scary’

It’s not just New Zealand that has been enjoying unusually warm weather. The climate keeps trending warmer to record levels.

The latest NASA data shows that last month was the hottest April on record. The last six months have been significantly warmer.

It’s been nice, but it is seen as scary.

Independent (UK): NASA temperature data shows last month was hottest April on record

The information released by the US National Aeronautics and Space Administration on Saturday showed that April 2016 was the sixth month in a row to be more than one per cent above the 1951-1980 average.

Eric Holthaus is a meteorologist who writes for Slate, told The Independent: “It’s scary. I’m at the point where I don’t know what will happen next. We knew an El Nino would impact things, but I don’t think anyone expected this jump.”

NASA data since 1981:


Full data table (since 1880)

Hager, and Whale hypocrisy

Today Nicky Hager milked maximum media coverage of the destruction of his data held by the police since they raided his home and removed computers in 2014.

Radio NZ: No more ‘Rambo’ raids – Hager

There will be no further “Rambo” police raids on the media for a long time, the journalist Nicky Hager says.

He emerged from the High Court today after travelling to Auckland with his lawyer to collect belongings taken during an illegal search of his home in October 2014.

The search came after blogger Cameron Slater laid a complaint when information from his own computer, obtained by a hacker known as Rawshark, was published in Mr Hager’s book Dirty Politics.

For almost 18 months Mr Hager’s belongings have been inside sealed containers in the High Court in Auckland, and today he came to get them back while warning the matter was far from over.

Mr Hager said he is still pursuing the case in the courts regarding what the police did in his home, and whether they should have had access to his bank accounts.

“I’m still gobsmacked that the police thought that it was reasonable to arrive like Rambo and spend 11 hours doing over my house where they found nothing they wanted.

“It was completely and utterly over the top and it would’ve been depressing for everyone who works in this field if they’d got away with it.”

The search and removal of data was found to be illegal, it was over the top and unlikely to have found any incriminating evidence anyway.

Also today Cameron Slater is fully of irony and hypocrisy at Whale Oil. In one post  Spanish Bride asks “Are you a real man?” and included this message:


Meanwhile her husband whines without any solutions in another post:

So Hager and his hacker accomplice get away with it then:

This sickens me.

That little rat-faced c*nt, who used my stolen data, obtained from a criminal hacker he knows the identity of, is getting away with one of the worst paid for political hit jobs in modern history.

I haven’t seen any evidence it was  paid for, nor that it was political. There have been suggestions it could have been payback for is West Coast ‘feral’ attack when a young man was killed, or it could have been an inside job at Whale Oil. Slater has claimed he would reveal all  but he has never come up with any credible revelations.

What is worse is that other journalists also know the identity of the hacker…and worked with him too, to try to subvert an election. Some of them are still working with accomplices.

I have been very, very patient, waiting and hoping that the rule of law will be applied, but it looks like they’ve gotten away with it.

Isn’t it amazing that armies of lawyers are willing to work for free with people who consort with criminals? Meanwhile I have to stretch and beg my readers for assistance.

Slater would probably call someone else a cry baby for that sort of whining.

No one in New Zealand political history has been attacked and hounded like I have been and it is ongoing. I expect they will try again; they already have with sting operations and set ups, all in conjunction with media.

No evidence, no credibility.

They tried to destroy me, some on the left wanted me dead, they have attacked my revenue, laid complaints with IRD, WINZ and Police, all designed to try to hang me for  the crime of being an effective opposing political voice.

Not particularly effective, unless you call getting Judith Collins dumped from Cabinet effective. No political voice is as discredited and marginalised as Slater. He has himself to blame for that. He was likely attacked for being a bully and an arse.

I’ve always spoken against the hacking and taking of Slater’s data, and also against the dumping of a one sided book in an election campaign.

But what’s particularly hypocritical about this from Slater, complaining about his data being hacked and published, is highlighted in a comment.

He is no whistle blower, he committed a criminal act and purely on the basis that he opposed my political view point.

I call bullshit on that. It was more likely because Slater was one of the dirtiest political operators and bullies around.

If you can justify that then you can justify almost any action on that basis.

So what if there are different writing styles, the MSM do it every week, have you noticed the different writing styles on editorials? Post for money…hello the MSM do Native Advertising.

I hope no one ever decides that your private communications should become public interest. I wonder how you would feel then?

I strongly oppose private data being illegally obtained and published.

But it’s hard to have sympathy for Slater on this when he has done worse – obtaining a hard drive of private data (that has copied to others as well) and using it to wage a long term and stilt ongoing vicious and vindictive campaign of harassment against a person and their family.

As far as I’m aware Slater still has access to that data and is unrepentant about having used it. There is far more personal data than Hager got of his.

And it’s likely to be a copy of some of that data – ten years of emails – that has recently been posted publicly online. I haven’t heard Slater condemning that.

There’s similarities  Hager having and using Slater’s data and Slater having and using someone else’s data. I think both were wrong.

But there’s a significant difference.

Hager believed what he did was for the public good and with deal with a festering sore in New Zealand politics, and he was at least to an extent justified.

Slater appears to have used data for one purpose, as a sustained attack on one person, trying to destroy him and his business interests. It seems to have been purely nasty and vindictive. And possibly at least partly paid for.

And Slater is still involved in activities in part at least related to this. I know because I have been on the receiving end of malicious legal action that he has had some involvement in.

So I have little sympathy for his whinging cry baby “poor me” act.

There seems to be no solution for Whale Oil’s whinging. He doesn’t seem to know when to give up his dirty business.

Slater is probably best known for being at the centre of “Dirty Politics”, but he continues to play dirty when he isn’t feeling sorry for himself.


Risk factors for children

Minister of Finance Bill English has announced the release of data on major risk factors for babies through to young adults (ages 0-24).

Final data-set enhances at-risk youth profile

Further data on the risk factors that indicate children are likely to lead difficult lives has been released today, giving social service providers valuable insights into the issues these vulnerable children face, Finance Minister Bill English says.

Since 2013, Statistics New Zealand has collected data from government agencies including the Ministries of Social Development, Health and Education, as well as Child Youth and Family, Corrections, Police and Housing to create the world-leading Integrated Data Infrastructure (IDI).

Mr English says today’s publication extends the analysis to include 0-14 year olds, giving a broader picture.

“Like the two earlier reports, the analysis of the risk factors affecting 0-14 year olds has produced information that will help government agencies, NGO’s, Iwi, Pacifika, and the wider social sector understand the needs of the most vulnerable New Zealanders.”

The analysis has identified four indicators that could lead to poor outcomes later in the lives of this group of children.

  • a CYF finding of abuse or neglect
  • being supported by benefits for most of their lifetime
  • having a parent who has received a corrective sentence
  • having a mother with no formal qualifications

If children have two or more of those indicators they are at much greater risk of having poor outcomes.

Being supported by benefits for most of their lifetime and having no formal qualifications won’t be solved by just giving them more money. Probably the same for most who abuse or have corrective sentence.

Compared to 0-14 year olds with fewer than two of the four indicators, those with two or more indicators are:

  • three times more likely to leave school with no qualifications
  • three times more likely to receive benefits for more than five years between ages 25 and 34
  • three times more likely to receive a prison or community sentence between ages 25 and 34
  • six times more likely to be referred to Youth Justice services
  • four times more likely to be on a sole parent benefit by age 21

Which means the cycle of risk factors is inter-generational, not surprisingly.

Mr English says this means as they grow older, more than a fifth of children who have two or more of these indicators will be on a benefit for five or more years or serve a prison or community sentence.

“Those are grim outcomes by any standards. This information – which is being made widely available – will enable the social sector to create solutions and interventions to better help vulnerable people make positive changes to their lives.”

Alongside the 0-14 year old data-set, Mr English has also launched an online mapping tool called Social Investment Insights which allows users to point and click to drill down into the data by location.

“The Government’s programme of social investment is about using information to improve the lives of New Zealanders with evidence-based investment in social services.

“For the first time we can see the risk-factors affecting young people within their various communities – with the necessary privacy protocols in place.

“This is priceless information for service providers who need to understand the people they are trying to help.

“We want to reduce misery, rather than service it and that requires a deep understanding of the drivers of social dysfunction.”

Not sure why the Minister of Finance has fronted the release of this.

Tools and data can be viewed and downloaded:

Legal opinion on Westpac release of Hager data

An interesting legal opinion from LawGeekNZ (Lowndes Jordan) on Westpac handing over Nicky Hager’s banking information in their investigation into the Rawshark hacking of Cameron Slater’s data.

Privacy Implications of Westpac’s Release of Nicky Hager’s Personal Information

We’ve heard this week that Westpac Bank voluntarily provided the New Zealand Police with author Nicky Hager’s bank account information, without requiring a production order or warrant from the Court. The information was apparently requested on the basis that it might reveal information about the person known as Rawshark, who had allegedly supplied illegally obtained material to Mr Hager, for use in his book, Dirty Politics.

There has been criticism of both the Police and Westpac.

Some of the criticism (that the Police are acting as “totalitarian enforcers” for example) is a little unfair, particularly where the request was made of Westpac, which was fully capable of looking after itself, as did the other organisations that refused the Police request.

In the absence of any evidence of political motivation, the Police were doing what they considered to be their job. They operated within the bounds of the Privacy Act, which, as we shall see, envisages information being provided by an “agency” (a Privacy Act term for a holder of personal information) such as a bank, without the need for any court order.

That’s not to say that the Police weren’t pushing the boundaries. It’s revealing they did not proceed to obtain court orders against the other organisations that refused their request. Perhaps the Police got all they needed from Westpac, or perhaps they didn’t quite have enough evidence to chance refusal of an application to the Court for a production order in respect of the personal information of a high profile person like Mr Hager.

They then go on to look specifically at the Westpac aspect.

Two things we know though.

Firstly, that the information in question is personal information under the Privacy Act. That’s easy when we’re talking about confidential financial information.

Secondly, it’s clear it was released in response to an informal request by the Police without a court order.

But, contrary to various reports we’ve seen, this does not automatically mean there has been any Privacy Act breach. The Privacy Act allows an agency to disclose personal information, without the consent of the individual, where (among other exceptions) that:

is necessary … (i) to avoid prejudice to the maintenance of the law by any public sector agency, including the prevention, detection, investigation, prosecution, and punishment of offences (IPP 11(e))

So, the Police would have sent a request to Westpac, referencing this exception to the prohibition on disclosure without consent and, presumably (although, maybe not, given that other agencies refused), providing evidence why the information was “necessary”.

They then give a number of details and explanations, including document examples. It’s well worth a read if you have an interest in this.

And a more general conclusion:

Given the increasing amount of personal information (including metadata) now held by third parties, particularly as a result of all of our internet use, there is a need for much clearer public explanation by agencies who hold our information as to whether and how it will be released. “Internal policies” no longer cut it in our view.

I agree on this. Much clearer explanations are needed.

This doesn’t just involved banks and companies like Trade Me and communications/Internet/phone companies.

I hold personal data of anyone who comments here. I need to know clearly what my responsibilities are.

As per Westpac under the Privacy Act I have responsibilities to keep information private, but if the police request via a court order that I hand over information about anyone who comments here then I am required by law to do so.

And it’s also possible for the police to request information from me without a court order as they did with Westpac and others in the case of Hager.

This means it is left to my judgement as to whether it is necessary … (i) to avoid prejudice to the maintenance of the law by any public sector agency, including the prevention, detection, investigation, prosecution, and punishment of offences (IPP 11(e)).

So I would certainly like clarification on this.