3 Mar 2017

Govt on shaky ground over data-for-funding contracts, lawyers say

10:52 am on 3 March 2017

Law experts say the government is breaching privacy laws by making social services hand over their client's personal details before they can get funding.

Dr Ang Jury CEO of Women's Refuge

Women's Refuge chief executive Ang Jury says the government's data-for-funding contract is not ideal. Photo: RNZ / Rebekah Parsons-King

More than 800 groups will have to provide client names, birthdates, ethnicity and the personal details of any dependents under contracts taking effect from July.

Women's Refuge chief executive Ang Jury said agencies would have to abide by the contract change if they wanted to keep their funding.

"If agencies choose not to share this information they won't be contracting with the ministry. That's pretty much where it sits."

Dr Jury said it was not an ideal situation for the refuge but they were not in a position to say no.

"This is not something that we would happily go out and say, 'yes, this is exactly what we want to do'.

"If it is going to happen, our job now is to make sure we get the sort of safeguards built around that information that we need to keep our women and children safe," she said.

Privacy lawyer Kathryn Dalziel said the Ministry of Social Development (MSD) looked to be on shaky ground.

"This is a potential breach of privacy because they don't appear to have identified, anywhere, the purposes for which they are collecting that information.

"There doesn't seem to be any transparency around it ... I also don't think it's fair," she said.

"Principle 2 of the Privacy Act says that if you want to collect information from third party, you have to have a good reason.

"You also have to have ... lawful and reasonable purposes for collecting that information in the first place. Now, none of that has been done."

University of Canterbury dean of law Ursula Cheer took issue with the ministry's approach.

"It's actually arguable that the contract itself could be seen as encouraging the NGOs to breach the Privacy Act, because the NGOs then, of course, have to comply with the Privacy Act when they get the information off their clients."

Dr Cheer said NGOs would be forced to tell their clients they would only receive funding if they gave their personal details.

Ministry of Social Development deputy chief executive Murray Edridge defended the way the NGO contracts were being handled.

"We've been through the Privacy Act in detail. We know what the principles are. We will be providing more information and we're doing that in conjunction with a number of providers in the sector.

"We are working on what is it that they need to say to their clients - how are we explaining the requirements or data."

He told Nine to Noon MSD is working with the Privacy Commission.

"We're in the middle of designing this process ... we've signalled it way in advance of its implementation", Mr Edridge said.

"We are working through what that looks like now with all the parties involved, including the community providers, the NGOs and the privacy commissioner.

"So if he says something that's of real significance in the space we will pay attention to that."

The privacy commissioner is investigating the issue and is due to report back by the end of the month.