Stats preps protocols to avoid data integration privacy breach

Statistics New Zealand senior staff have denied that criticisms levelled at government information collectors by the Canadian Privacy Commissioner at a recent conference apply to anything they are doing.

Statistics New Zealand senior staff have denied that criticisms levelled at government information collectors by the Canadian Privacy Commissioner at a recent conference apply to anything they are doing.

The department is readying a set of protocols to deal with data integration, the subject of the conference, and this may become a code of practice under the provisions of the Privacy Act.

Data integration describes the collation of two or more sets of data, through a common identifier for bulk-data research purposes, as distinct from “data matching”, which is concerned with detecting legal non-compliance by individuals.

Canadian commissioner George Radwanski expressed concern at a tendency to design systems for data collection and data integration from a technical and efficiency basis and to bolt on “privacy” protection as an afterthought.

The Wellington conference, on March 21 and 22, was concerned with “data intergration and linked employer-employee data” (Dileed) and outlined a number of projects here and overseas which crossmatch research data about individuals with data collected for administrative purposes, for example name and address data supplied to receive some benefit, or to comply with legal requirements.

Radwanski commented on the scheduling of privacy discussion for the second day of the conference.

“It’s interesting to me that you’re talking first about the technical issues involved in creating these integrated data sets, then about the research that can be conducted using them, and only after that about privacy and confidentiality,” he said, “and that suggests to me that privacy is being confused with confidentiality and security.”

The latter two, he explained, are measures taken to protect data from abuse after the system is completed.

“Privacy is more than confidentiality and security. It can’t be an afterthought. It has to be built into the system from the outset. Indeed, privacy concerns may well determine how you build these systems and maybe even whether you build them at all.”

Radwanski referred to a misguided Canadian government project called the Longitudinal Labour Force Survey, which was to have combined data collected by various agencies into a single research database. The project was canned on the advice of Radwanski’s predecessor, because it contravened “the spirit [if not] the letter of Canada’s Privacy Act,” he said.

Acting government statistician Dallas Welch last week said that Statistics NZ always consults with New Zealand’s privacy commissioner before commencing a data integration exercise. It also has data integration protocols in draft.

The protocols are being developed at the direction of the Cabinet strategy committee “to allow the production and analysis of new official statistics while addressing privacy issues”, the draft protocol document says.

“They apply to integration of data sets where there is no other suitable process for producing the statistics, or where privacy issues are considered to be of significant public concern.”

A proposal to integrate data for statistical purposes must obtain the approval of the government statistician, who must be satisfied that the information to be gained is necessary and that no other way of gaining it is feasible. Relevant stakeholders, including the privacy commissioner must be consulted, says the draft, and an “independent external advisor” should be given the opportunity to make comments. A pilot project should be conducted to identify any problems and assess the value of the data produced.

The “link index” used to relate the sets of data through a common field must not itself be available to users of the integrated database. A variety of other management controls are specified.

The protocols should be concluded within two or three months, says Welch, and may evolve into a “code of practice” similar to those already formulated for direct marketers and in the process of formulation for the telecommunications industry. The process of ensuring the integrity of any new project is easier with a code of practice to refer to, rather than having to interpret the act and consult the commissioner every time.

Welch denies that Statistics NZ has any skeletons in its cupboard similar to the terminated exercise Radwanski referred to.

Join the newsletter!

Error: Please check your email address.
Show Comments
[]