Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Customs, passwords and smartphones (oh my!) Tim Henwood
14 July 2015


There’s been a bit of murmuring on Twitter over the past couple of days because of this news story:

Customs’ discussion paper on the review of the Customs and Excise Act contains a number of proposals – one of which is a new power to require a person to provide passwords or encryption keys to access electronic devices.

It's the digital equivalent of the way Customs officers have historically looked at notebooks, letters and other material belonging to people passing through New Zealand borders.

We’ve emphasised on Twitter that this is a discussion document, and it’s worth repeating again here. It’s got to make its way out of the document and into a bill and through the parliamentary process before it becomes a real power.

That caveat out the way though, there’s no reason we can’t share our response to the discussion document. Our full submission is available here.

We think there’s an important discussion to be had here. The average smartphone ties together so many strands of a person’s life that it’s a pretty much highly condensed slab of personal information.

That means there’s a risk. The information is sensitive so it needs to be protected. It’s important that enforcement agencies can catch the bad guys, but it’s equally important that privacy is considered when writing policy in this space.

Only a couple of months ago we saw the consequences of not respecting this sensitivity at a Brisbane airport. Two sisters were detained while a security staffer went through the contents of a smartphone – emails, photos, contacts, videos - without permission.

The public reaction to this story underscores the importance of addressing this issue with appropriate care. The power Customs seeks should be proportionate to the problem they’re trying to solve. We’d expect that if such a power were to exist, it would have sufficient controls around it to prevent any unreasonable intrusions of privacy.

The discussion paper recognises this, both the sensitivity and volume of personal information held on personal devices, as well as the need for protection against unfair searches. We look forward to working with Customs as they get to grips with this and other issues flagged in the discussion paper.


, ,



No one has commented on this page yet.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.