Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

More Accept ×

We respect your Do Not Track preference.

Close ×

Website logo 275x60
  • Home /
  • Do you really need that information?

Print | Email this page

Do you really need that information? Shaun Ritchie
7 February 2018 at 16:10

Morepork

Knowledge is power – a cliché, sure, but for a reason. As an agency, the more you know about your clients, the more effective your service can be. It makes sense to gather as much information as possible about the people you interact with. So why wouldn’t you?

Well, the Privacy Act restricts what personal information you can collect and how you can collect it. The Act also obliges you to keep information safe from misuse or unnecessary disclosure, and make sure it’s accurate.

A quick tour of the privacy principles

Personal information is both a valuable asset and a risk, so it’s worth thinking about whether you really need the information you want to collect.

Reasons for collecting personal information

Do I have a legal reason for collecting personal information? Is that reason connected to my agency’s work? You should ask yourself these questions before collecting personal information.

It might be obvious why you need the information at first, but you may find you only need some of it, or you don’t need it at all.

Deciding what to collect

You should only collect the smallest amount of personal information you need to complete a task. Let’s take landlords collecting information from potential tenants as an example. There’s some information you need, such as:

  • basic personal details
  • credit check information
  • details to check references.

But some collection is harder to justify. People have complained to us about landlords asking for:

  • their weekly income information
  • how much they currently pay in rent
  • the value of their belongings
  • their marital status
  • the make, model, and registration number of their vehicles.

It’s not clear how this information would help you decide if someone would be a suitable tenant, and collecting it seems excessive.

Storing information safely

Principle five of the Act requires you to take reasonable steps to secure the personal information you hold from loss, misuse, and disclosure.

What counts as reasonable depends in part on how much information you hold and how sensitive it is. Holding excessive personal information makes data breaches and accidental disclosures more likely and more serious.

Storage and security of personal information (principle five)

Letting people access their information

Principle six entitles people to access the information you hold about them. If you have lots of information, you’re going to get more requests and you’ll need more sophisticated record keeping so you can answer them.

Access to personal information (principle six)

Responding to requests from law enforcement

Sometimes Police or other government agencies ask for information about someone to help them maintain the law. Principle 11 lets you disclose personal information to these agencies if you decide it’s necessary to maintain the law.

Maintenance of the law

This can be a difficult decision, but collecting less information will make it simpler.

Tools to help you

Our website has a lot of information to help you with collecting information and other obligations you have under the Act.

Get started with our Privacy Impact Assessment Toolkit

Your obligations under the Privacy Act

Image credit: Morepork by Duncan Watson via New Zealand Birds Online

, , , ,

Back
Previous Blog Post Next Blog Post

Latest Blog Entries

Back to top