Privacy and the converted

Given my interest and work in privacy-related issues, I’ve done a fair number of presentations and attending seminars/workshops on privacy. In retrospect, most of them tended to be uni-dimensional, either presenting a point of view or preaching to the converted.

That’s why I think the privacy roundtables we jointly organised with the Law Commission on 21st and 22nd of June were somewhat unique and successful.

The Law Commission is in its final stage of reviewing privacy law. Over 500 pages the review team lays out the issues and does a great job in comprehensively unravelling complex and difficult questions. Even though there is a separate chapter related to technology, Internet-related issues pervade the report.

That is not surprising as the Internet is making a huge impact on society and thereby privacy. It does, however, pose challenges for organisations such as InternetNZ in responding to the questions the review asks. And there are many of them, often hard to relate to specific changes required in the Privacy Act.

We therefore decided to take a two-pronged approach in responding to the Law Commission’s call for submissions.

First, we submitted our members views on privacy issues that were, in our opinion, fairly straightforward.

Second, we jointly organised two half-days of roundtable meetings with the Law Commission to focus on Internet-related issues. There were about 20 invited participants spanning a spectrum of perspectives- technologists, lawyers, law enforcement, policy thinkers, online service providers, and others who it’s unfair to shoebox with a label.

The conversations were fantastic. For example, a technical discussion on the way the Internet works with packets threw up a great insight that personal information provided as a necessary part of getting a service (such as accessing a website) should not be re-used for other purposes, even though the website could regard that personal information as now being publicly available.

Another example of multiple perspectives was the nature of “reasonable grounds” under Principle 11. So, if a law enforcement officer asks for personal information to investigate a crime, what constitutes reasonable grounds for the agency? A simple verbal request? What about the reality of balancing customer trust and obligations under the law? Is Principle 11 really an enabling provision or a protecting one?

Conversations over the two days were immensely rewarding for the participants. Relating them to specific points for the review team to consider was far more challenging. We’ve done our best in summarising the relevant issues and have passed it on to the review team who now have the unenviable job of incorporating relevant viewpoints with the many others they have received.

Online privacy is a vital part of our mission in protecting and promoting the Internet for New Zealand. As the privacy roundtables have shown, one good way to grapple with the diverse and complex issues is to bring together multiple perspectives.

And, yes, less preaching to the converted.