Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Gosh! Spying! SR
1 November 2016

spying cat

Your thoughts about our country’s security and intelligence agencies might fall into one of at least four broad categories. We’ve listed them as:

  • Gosh! Spying! That must be so fascinating, all trench coats, secrets and dark glasses!
  • Spy agencies provide a necessary service, but their powers should be constrained and their oversight should be exacting.
  • Spy agencies pry on innocent New Zealanders and our membership in the Five Eyes super network is unnecessary.
  • The SIS and GCSB? Who are they?

Parliament’s Foreign Affairs, Defence and Trade Committee will be hearing some of these views in public submissions on the Intelligence and Security Bill 2016. The Bill overhauls the legislation governing the New Zealand Security Intelligence Service (SIS), the Government Communications Security Bureau (GCSB), the Inspector-General of Intelligence and Security and the Intelligence and Security Committee of Parliament.

Applying the privacy principles

The Bill, as introduced, extends the coverage of the information privacy principles so that they apply to our intelligence agencies.

The Privacy Act’s 12 information privacy principles require New Zealand agencies to collect personal information lawfully and transparently, store it securely, give people access to their own information when requested, ensure its accuracy, use the information for the purpose it was collected and not disclose the information unless the law allows it.

Under current law, the intelligence agencies are exempted from nearly all of these principles - although they still generally need to provide access and correction on request.

The Bill proposes applying many of the privacy principles to the agencies and effectively broadening the oversight of their activities. Under the Bill, members of the public would be able to complain to the Privacy Commissioner about the agencies if their information is collected unlawfully or stored insecurely, if the agencies refuse to disclose their personal information to them, if the information held by an agency is inaccurate or if the information is unreasonably disclosed.

But for the most part, the intelligence agencies’ work goes on out of the public view. How then would you know if your personal information was being handled badly enough to warrant a complaint? Well, the extension of these extra principles will place a legal responsibility on the intelligence agencies to act in accordance with the principles. They will be required to have privacy policies in place and have a sufficient compliance regime to ensure those policies are followed.

To exempt or not to exempt

The Bill proposes continuing the agencies’ exemption from principles 2, 3 and 4(b). These exemptions mean intelligence agencies don’t need to collect personal information directly from the individual concerned, or to be transparent about how and why they’re collecting it.

The exemption from principle 4(b) means the agencies can intrude to an unreasonable extent upon the personal affairs of the individual concerned in order to collect the personal information - think of a camera in your bathroom.

The Privacy Commissioner has recommended to the Select Committee that all the information privacy principles should apply to the intelligence agencies. All other government agencies which have intelligence roles and deal with national security information - such as Police, Customs and the Ministry of Defence - are subject to all 12 principles.

Continuing oversight

Ensuring compliance with the principles will be the role of both the Privacy Commissioner and the Inspector-General of Intelligence and Security (IGIS). IGIS is the specialist oversight body responsible for ensuring the intelligence agencies’ actions are lawful and proper. IGIS also reviews the effectiveness and appropriateness of the intelligence agencies’ compliance systems.

As the Privacy Commissioner and IGIS have roles that intersect on issues relating to the intelligence agencies, the Privacy Commissioner has recommended to the Select Committee that he be given the ability to consult with IGIS. IGIS would also retain her ability to consult with the Privacy Commissioner on any of her functions.

The Commissioner is due to appear before the Select Committee this week to speak to his written submission on the Bill and the Committee is due to report back to Parliament in February next year.

Image credit: Spying cat - via RSPCA WOAW


, ,



No one has commented on this page yet.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.