Administering the Privacy Act is as much about telling people what they can do with personal information, as what they can’t. We’ve been coming up with new ways to help agencies understand what the Privacy Act does, and doesn’t do, in order to reduce uncertainty, and promote good practice.
We launched two new initiatives in this vein last year. One was last month’s consultancy service. This is a service we now offer agencies where senior staff from this office – many of them privacy lawyers – work directly with agencies to help them use personal information without compromising individual privacy.
The other was advisory opinions, which we announced in May of last year. These are a way for agencies to test how we would respond to a particular privacy issue. This gives agencies more certainty to make decisions by knowing what our response would be to those decisions.
The first advisory opinion
Today we have published our first advisory opinion: AO 1/2016 NZ PrivCmr 1: Whether addresses of fire incidents are personal information.
New Zealand Fire Service (NZFS) requested an advisory opinion about publishing information about fire incidents. NZFS currently publishes a number of details about fire incidents, but does not include the address of the incident. NZFS was looking to add the address of each incident to these details in order to reduce the number of information requests from insurance companies.
NZFS wanted to know if the address information constituted personal information, and, if so, if it met the criteria for one of the exceptions in the Privacy Act that allows agencies to disclose personal information.
We advised that the information will often be personal information, and that it does not meet the disclosure exceptions. We also suggested an alternative way to share this information with insurance companies without compromising individual privacy.
We look forward to providing more advisory opinions and consulting agencies in the future.
Image credit: SDASM Archives, via Flickr