Westpac's strike against personal privacy
29 October 2015
The uproar Westpac Bank has understandably caused by releasing personal details regarding Nicky Hager to the Police
highlights once more the fragility of public protections in the age of increasing datafication. No matter how it is
explained, it is clear Westpac obviously overstepped the mark and will now have to deal with the wrath of customers and
the likely loss of accounts that has unleashed.
While that is its commercial problem, the bigger issue this incident highlights once again is the need to ensure the
greatest safeguards are both in place and upheld when it comes to the protection of personal privacy. Of course, there
is a tension. Citizens have shown overwhelmingly their growing desire to do their business – with the government and the
private sector – digitally. And, of course, they expect there to be a reasonable level of basic information-sharing
between agencies to prevent duplication and save their time. But alongside that, they have an equally strong expectation
that there will not be abuses, and all reasonable attempts will be made to ensure that fundamental values such as the
right to personal privacy and safety are not compromised.
The reality is that the age of information-sharing is here to stay, so the challenge is not so much one of holding fast
the ramparts against the sharing of data, as it is one of drawing the boundaries clearly, so that the benefits of more
information-sharing always outweigh the costs. Information-sharing needs to be customer driven, rather than at the
convenience and behest of institutions. For their part, institutions, private and governmental, must never forget that
the information they gather and hold is on behalf of citizens, for their genuine benefit. It is not the institutions’
information to be shared at their whim.
It is too easy for politicians to keep saying that better information-sharing is the answer to every problem. While that
is undoubtedly true in a number of instances, it is not universally so. There has to be a purpose to
information-gathering and sharing – it cannot be just an end in itself. As citizens, we have a right to expect that, not
just to be part of an ever-increasing database. Digital transformation is not just about system upgrades, or greater
sophistication – to be sustainable its focus has to be on demonstrating a positive, specific and noticeable benefit to
the citizen. Convenience must always be balanced by the right to privacy citizens enjoy.
The Westpac case is a good example of what happens when either systems fail, or more likely, the people operating them
seek to make a moral judgement about the worth of the information they hold and how it might contribute to what they see
as a greater good.
Incidents like this do nothing to build public confidence in the sustainability of a digital future. New Zealand is at
the forefront of nations providing services digitally, and our ongoing ability to make progress and secure greater
benefits for our citizens rests on their general support. Every privacy breach threatens that goodwill.
That ongoing tension between the advantage of a more digitally oriented society and the protection of personal privacy
will not abate while there is any whiff that institutions are cavalier with the personal privacy details they hold.
There have been too many incidents in New Zealand in recent years where personal privacy has been sacrificed for a
perceived greater good. While that bias remains, we will not secure the full advantages of digital transformation.
Ultimately, this process has to be about using digital transformation to enhance people’s quality of life, and not just
one more way to subjugate and control them.