logo
ENع
#

Latest news with #MichaelWebster

Kids' consent for photos should always be considered
Kids' consent for photos should always be considered

RNZ News

time4 days ago

  • General
  • RNZ News

Kids' consent for photos should always be considered

Kids' rights around the taking of photos has been highlighted by the privacy commissioner. File photo. Photo: Derich Anrey / 123rf Kids should always know when they are being recorded and why, and should also have the right to withdraw their consent at any time, says the privacy commissioner. The Privacy Commission has put out new filming and photography advice for organisations, in a bid to protect children and young people. Privacy Commissioner Michael Webster said the new guidance on photography and filming - which is aimed at organisations such as schools, sports clubs and cultural clubs - will help to empower children, while their parents and caregivers will be better equipped to understand and exercise their privacy rights effectively "Taking and sharing images of children and young people helps record their achievements and special moments. "But it's also important people are aware of the risks associated with the collection, use and sharing of these images and do what's necessary to protect their privacy and keep them safe from harm." Webster said retention and deletion of images and video were also important, as children changed as they aged. "An image that was once cute and funny could be distressing or cause embarrassment if used or shared today. Consent is best practice - children, young people or their parents should always know that photography or videoing recording is happening and why, and they should also have the right to withdraw their consent at any time." Webster told Checkpoint the Privacy Act meant they worked under the principle of data minimisation. "It's about asking the question 'do I have a plan to delete old images when I no longer have any use for them, and do I have a system for deleting images for when people withdraw their consent to that image being used?'." Webster said NZ schools had already dealing with it with photography and filing policies, as well as opt-out forms. He said consent was not something that was only given once. "As people grow up and change, they will have different views about material taken about them, their parents might have thought it was cute or amusing photo or piece of video when it was done, a teenager is bound to have a different view on that sometimes." He said young peoples' right to privacy needed special attention, and there were unfortunate risks with photos and video footage of children in today's world. "So the guidance is there to help them achieve what they want, which is photos of people having a great time or celebrating successes, while keeping children safe." The full guidance can be found on the privacy commissioner's website here . Webster said further guidance - including detailed privacy guidance for the education sector - will be released later this year. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.

'High and ongoing' risk of more Oranga Tamariki privacy breaches
'High and ongoing' risk of more Oranga Tamariki privacy breaches

RNZ News

time4 days ago

  • Health
  • RNZ News

'High and ongoing' risk of more Oranga Tamariki privacy breaches

Privacy Commissioner Michael Webster says doesn't have "robust systems" in place to protect the personal information it holds. Photo: VNP / Phil Smith Privacy Commissioner Michael Webster says the children's ministry remains at "high and ongoing risk" of disclosing vulnerable children's highly sensitive information. He has issued Oranga Tamariki a compliance notice to compel it to do more to fix its deficient training, data sharing and privacy systems. "Oranga Tamariki currently doesn't have sufficiently robust systems and practices in place to appropriately protect the personal information it holds," he said. In breaches documented in an investigation report kept under wraps for a year, and only revealed by RNZ in March, several women and whānau suffered actual physical harm including from being attacked, after Oranga Tamariki disclosed information it should not have. It had let slip addresses and names, for instance. A series of serious breaches have been notified to the commissioner since 2020 (prior to 2019, OT and other public agencies were not mandated to alert him). "These incidents have put vulnerable children, parents and caregivers at risk as well as retraumatised victims," Webster said in the [ compliance notice] issued on Monday and announced on Wednesday. "I consider there is a high and ongoing risk that without taking steps to mitigate the risk, serious privacy breach incidents will continue to occur." The compliance notice said OT had improved under a fixit plan that did not go far enough, ordering the ministry to take further measures by October, and some by March 2026. Webster listed ongoing weaknesses around personal information he had identified, including documents and devices being lost, or disposed of loosely, and inadequate access controls. Staff persisted in having access to personal information they should not have, over a year after an investigation report had warned OT it must clamp down on access. At that time, even trainees were being allowed into files which they shouldn't have been allowed to access. The investigation report was released to RNZ in March 2025 after months of asking for it. Not only did the April 2024 investigation state the scale of breaches was impossible to know as OT did not keep proper records of them, but the compliance notice is now once again ordering the ministry to set up a proper privacy breach reporting framework. The other measures the ministry must undertake by October entail not just strengthening its own systems, but externally, too, with the commissioner ordering stronger contracts with NGO service providers around keeping information secure and disposing of it. The ministry must begin to audit how it was going, the compliance notice said. Earlier this month, RNZ reported how the ministry had yet to make a start on half a dozen of the recommendations in the privacy breach April 2024 report, while a dozen others were underway but not complete. Among those not started was the setting up of an induction process so new staff were less likely to breach clients' privacy. In June 2024, RNZ reported that dozens of analysts at the ministry had access to personal details about at-risk children they should not have. A key weakness is technology: The ministry's core information IT systems, including its social worker records about thousands of children, are old and weak, but it has continued to struggle to find the resources, expertise and time to replace them. Webster said the new compliance notice was necessary to "underpin" the improvements OT was making. The ministry said on Wednesday it continued to work closely with the Office of the Privacy Commissioner on improving how it looked after information. It elevated the chief privacy officer role higher up among management, and instituted an improvement plan that would be completed in 2026. "The Privacy Commissioner was involved in the development of that plan. We continue to make good progress on implementing the plan, with several actions already completed or significantly progressed prior to receiving the notice," Acting chief privacy officer Jane Fletcher said in a statement. It had not had any notifiable privacy breaches in the past 18 months, she added. A tech upgrade called the Frontline Technology Systems Upgrade would "deliver greater safety, security and privacy". The ministry said Fletcher was acting in the role while Philip Grady was on secondment at Health New Zealand. The chief privacy officer job was elevated from a tier five to a tier two management role eight months ago as a result of the breaches investigation. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.

Privacy Commissioner Issues Compliance Notice To Oranga Tamariki
Privacy Commissioner Issues Compliance Notice To Oranga Tamariki

Scoop

time5 days ago

  • Business
  • Scoop

Privacy Commissioner Issues Compliance Notice To Oranga Tamariki

Press Release – Office of the Privacy Commissioner Oranga Tamariki has one of the most important roles in New Zealand – to help safeguard the wellbeing of our children, particularly those children in their care. Improving its privacy practices will contribute to the safety and wellbeing of children, their … A compliance notice has been issued to Oranga Tamariki for failing to comply with the requirements of the Privacy Act. The Privacy Commissioner has also taken the step of publicly releasing the Compliance Notice itself. Privacy Commissioner Michael Webster says while Oranga Tamariki has taken positive steps to improve its privacy practices, considerably more improvement is needed. 'Oranga Tamariki has one of the most important roles in New Zealand – to help safeguard the wellbeing of our children, particularly those children in their care. Improving its privacy practices will contribute to the safety and wellbeing of children, their whānau, caregivers, and foster parents Transparency about the nature of the Compliance Notice requirements is in the public interest and is an important accountability mechanism. We all have a stake in ensuring Oranga Tamariki improves its privacy performance.' The notice has been issued in response to a series of privacy breaches reported to the Commissioner that have caused serious harm to whānau and tamariki. It relates to the storage and security of personal information, and its unauthorised disclosure. Under the compliance notice, Oranga Tamariki will need to make privacy improvements including improving staff skills and capability, and strengthening three areas: 1. Information access settings 2. Oversight of service providers 3. Accountability and reporting of privacy incidents. These improvements will need to be completed by 31 March 2026. 'I consider the notifiable privacy breaches reported to my Office and the systemic privacy issues identified in an independent review to be significant. This is because the sensitivity of the personal information involved and the vulnerability of the individuals the information relates to is at the high end of seriousness', Mr Webster says. 'Oranga Tamariki currently doesn't have sufficiently robust systems and practices in place to appropriately protect the personal information it holds, as required under the Privacy Act, and there is ongoing likelihood of further privacy breaches.' OPC began an investigation into the privacy practices and culture at Oranga Tamariki in 2022, and in May 2023 recommended it commission an independent review of its privacy practice and culture. 'That report was completed in April 2024 and confirmed our concerns about systemic failures in protecting sensitive personal information that Oranga Tamariki holds. 'In response to that review, Oranga Tamariki has taken steps to improve their privacy practices, including undertaking a privacy improvement plan, and this is a positive move towards helping keep sensitive information about the children they care for safe'. 'This is a good step forward. However, there is still a considerable amount of work for Oranga Tamariki to do to improve their privacy practices that goes beyond this plan to address the ongoing risk of further serious privacy breaches resulting in harm to individuals.' Issuing a Compliance Notice, and publicly releasing it, will ensure Oranga Tamariki takes the steps necessary. 'We are all invested in the safety of the children in Oranga Tamariki's care, and keeping sensitive information about children safe is critical.'

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into the world of global news and events? Download our app today from your preferred app store and start exploring.
app-storeplay-store