IT managers are concerned about the government’s provisions for access to protected computer files under the Counter-Terrorism Act, passed last week.
The act includes a contentious set of clauses compelling IT staff and computer users to give law-enforcement officers computer and network passwords, even if the evidence found incriminates the person as a result.
IT managers see a risk to the confidential information of clients uninvolved in any inquiry, and in the local government sphere they perceive a danger to the public confidence that should underlie electronically-assisted democracy.
“The issue will be the status of any warrant as against the Privacy Act,” says Capital Coast Health director of information management and planning Andre Snoxall. If CCH had to give up a clinician’s password, for example, this would open access to confidential information on many patients.
“We’d have to contact the [privacy] commissioner and take legal advice if it ever happened.”
Concern extends to the private sector. “I think this would definitely be a problem for us,” says Feltex IT manager Henrietta Liebenberg, “though I’d find it hard to think what they would want.
“If they have passed a law, I suppose we will have to comply. We will have, as the saying is, ‘nothing to hide’. But it’s getting to be almost like a police state — too intrusive.”
Sarah Allison, manager of information management at Hutt City Council, says she cannot see the act posing any “immediate operational difficulty” for the council, but she has longer-term concerns.
“All information stored on any drive on council computing equipment is deemed to be the property of the council and subject to internal audit and current OIA [Official Information Act] and privacy law,” Allison says.
However, she sees in the government’s changes a risk of subtle undermining of electronically-aided democracy. The council is actively seeking to increase participation in the democratic process and engage the community through consultation and partnership.
“One of the ways we are intending to support this is to work towards a model of e-consultation, e-collaboration and e-democracy. Any move that undermines confidence in information systems and open participation, even if indirectly, makes the process of public engagement in the electronic world more difficult.”
The removal of a right not to incriminate oneself is regarded in many countries as fundamental. In New Zealand the change has been applied not only to suspicion of terrorism offences but a broad range of other, lesser, offences covered by the Summary Proceedings Act.
Justice Minister Phil Goff argued that the provision was aimed at violent crime, which would blend seamlessly into terrorism, or at offences such as drug trading, whose proceeds could be applied to terrorism.
However, at the beginning of the year the government attempted a similar removal of the right to refuse self-incriminating information as part of the Climate Change Response Bill, which enshrined New Zealand’s commitment to the Kyoto environmental agreement. That clause of the legislation also was to apply in the case of people suspected of hiding pertinent information on a computer system.
It was removed during the progress of the bill through Parliament, after strong objections from many authors of submissions.