Scoop has an Ethical Paywall
Licence needed for work use Learn More
Parliament

Gordon Campbell | Parliament TV | Parliament Today | Video | Questions Of the Day | Search

 

Peter Dunne Address at 2015 Identity Conference

Address to Open Day Two of the 2015 Identity Conference

Good morning, thank you for the invitation to speak today.

I would like to acknowledge the excellent speeches yesterday given by Honourable Bill English, and Rebecca Kitteridge, as well as guests joining us today: Liz Macpherson, John Edwards, conference guests, and attending media.

I want to start this morning by looking at how far we have come over the last 20 years or so managing identity and privacy, where we are headed and the Government’s focus on digital delivery.

One of the advantages of longevity in Parliament is that it gives you a certain perspective. The world has come a long way since 1991, when as an Opposition Labour MP I promoted the Information Privacy Bill, which was a forerunner to the Privacy Act.

In those days, Birth, Deaths and Marriages records were kept in ledgers in court houses around the country, where people visited in person to register their live events. Personal computers had begun to appear on the desks of public servants, but government departments had not yet got internal email, let alone external email. iPhones, iPads or SmartWatches were still the stuff of science fiction.

Ministerial office diary management and email was about to move to new technology called Lotus Notes. The idea of an email was as novel as it was rare.

The height of sophistication was being able to fax information rather than photocopy it, and mass media campaigns were only just getting used to the idea of the “fax attack.”

Advertisement - scroll to continue reading

Protecting privacy was about making sure groups like Reader’s Digest did not put you on their mailing lists, unless you specifically asked them to do so.

Fast forward 24 years and we now live in a digital age of selfies, big data, data mining, increased focus on privacy and an increased desire from the public to do business with the government and the private sector digitally.

Digital identity and privacy are at the heart of the themes of this Identity Conference:

How can we reap the benefits whilst minimising the risks of ‘datafication’ and data-driven innovation in the public, private and community sectors? Have our concepts of identity and privacy changed in the era of ‘big data’? How can we best protect fundamental values, such as privacy and safety, in an increasingly digitised and connected world?

What are good practices of privacy- and security-by-design? How do we achieve user-centric forms of managing identity within and across multiple digitally-enabled relationships, and what are the implications for service providers? How can service providers build and develop privacy-friendly, secure, trusted, transparent and inclusive digital relationships with their customers? How can we protect our identity information against current and future cyber security threats in a resilient way?

Against the backdrop of these fundamental questions, we must acknowledge that at the same time New Zealanders want it to be easy to deal with government online.

Constituents expect joined up government. As Minister of Internal Affairs and the MP for Ohariu, I am struck constantly by the number of people I see who genuinely assume that their basic information is already readily accessible by a range of government agencies.

Moreover, they seem somewhat surprised – and in some cases become quite agitated (“I have already given that information to such and such a government agency”) – when asked to provide it again.

They not only expect their information to have been passed on, but seem to think that is acceptable...but people want their privacy protected and are worried about information-sharing.

By way of contrast, people appear far more concerned at a global level about the sharing of their personal information and the implication that nothing is private any more, and that their every communication, indeed activity, is monitored in some way by an increasingly inquisitive state.

And all this is occurring against a backdrop of a communications revolution which is making the capacity to obtain and share information greater day by day, and where the whole process of government is increasingly technologically driven.

Bruce Schneier’s book, Data and Goliath, describes our challenge this way: “Your cell phone provider tracks your location and knows who’s with you. Your on-line and in-store purchasing patterns are recorded, and reveal if you’re unemployed, sick or pregnant, Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches.”

This apparent contradiction has particular implications for New Zealand.

New Zealanders are increasingly taken with the idea of doing their business with government – like paying their taxes, or renewing their passports – online, and at a time of their convenience.

They like the freedom new circumstances are now providing, and are pushing the government to do more in that space. New Zealanders want joined-up government, but they do not want to have to trek from agency to agency providing the same information over and over again.

Instead, New Zealanders want to have a digital experience with government where they can complete their transactions easily (where the ‘customer is at the centre’, just like their experience with the private sector such as online shopping with supermarkets or the dozens of ‘daily deal’ websites).

We are at the forefront of nations when it comes to joined-up government services – services developed around customer needs, and delivered across agency boundaries with the customer at the centre. The potential advantages of joined-up government are great – particularly to the individual – but so too are the risks.

Role of Ombudsman, Privacy Commissioner and GCIO

Information sharing is the way of the future, but it needs to be balanced by ensuring that our privacy and official information legislation, and official functions like those of the Ombudsman and the Privacy Commissioner are kept fit for purpose to ensure they can effectively protect the individual from any risks inherent in the expansion of joined-up government.

The balance between information sharing to enhance people’s lives and information sharing to control them is a fine one, demanding constant vigilance.

There is, after all, now no turning back. Joining up government services has its advantages, but also its challenges. As we move increasingly into the digital world, we must ensure that we are following best practices in privacy and security so citizens can be confident that their information will be protected.

Protecting the privacy of personal information from improper access and use by government and other agencies has been a particular area of interest for me – from the time of the Information Privacy Bill nearly 25 years ago, through to my insistence in 2013 that the GCSB and SIS become subject to five yearly independent reviews, the first of which was set up within the last week.

We need proper and robust systems to protect the privacy of personal information from the intrusion of a coercive or prying state, and for clear accountabilities to be exercised when there are breaches, alongside the development of new ICT systems.

Citizens will trust the Government with their information, only so long as they are confident the Government will not misuse their information. And that raises separate questions, beyond the immediate scope of today’s discussion about the volume and nature of information being collected, and is it all actually necessary to be gathered.

Last week, the United States House of Representatives voted to stop the mass collection of Americans’ telephone data by the National Security Agency. I suspect New Zealanders would have a similar view about their telephone records, and that there will now be pressures on our intelligence agencies to stop any mass data collection programmes they have underway, especially if it is being made available on an indiscriminate basis to other countries.

Role of GCPO

To help provide a foundation of trust we have tools like RealMe (about which I will speak more later). We have also created the role of Government Chief Privacy Officer to ensure there is a long-term focus on setting privacy standards and building privacy capability within agencies.

The GCPO’s role is to provide leadership to the public sector in managing private information better; engage with senior leaders in the public sector to raise awareness of privacy issues; and to engage with them about managing their agency risk better; build capability and knowledge across the state sector; and through those activities provide assurance to Government that privacy practice is improving.

Russell Burnard was appointed as GCPO in July 2014, and his first key task was to establish expectations for Chief Executives in improving their privacy focus and performance. Chief executives are expected to develop strategies, roadmaps and governance structures; understand their information inventories and assess risk; develop programmes, processes and policies to manage that risk; build privacy into their audit and assurance programmes.

The Government expects agencies to meet these expectations; and expects the GCIO and GCPO to help them in achieving this culture change.

Need to use data effectively: Data futures forum.

At the same time as we work to protect privacy, we need also to unlock the value of the information we hold, and use it to make smarter, faster, evidence-based policy and business decisions for the benefit of all New Zealanders.

We therefore need to be able to tap into the huge volumes of data we hold in individual agencies, and bring that data together more effectively for analysis and problem-solving. And we need to have a data-driven approach to get to a point where the customer is better understood and as a result, better served.

We have set up the New Zealand Data Futures Forum - a Government working group to advise ministers on how the collection, sharing and use of business and personal information will impact public services in the coming years.

The Forum’s role is to identify opportunities to maximise the benefits of big data, and to sound any warning bells about things that we need to consider on the data management fronts. One of the Government’s priorities is to deliver better public services within tight fiscal constraints.

We are working to improve areas that are fundamental to the well-being of New Zealanders such as healthcare, education, social services, and above all, strengthening the economy. The key to doing more with existing resources lies in productivity, innovation, and increased agility to provide services. So agencies need to develop new business models, work far more closely with each other as one coherent system, and harness new technologies in order to meet emerging challenges.

A quiet revolution is underway in the provision of public services. Under the guise of its “Better Public Services” programme the Government is deliberately changing the way in which public services are delivered, and also, and perhaps more importantly, the way the public service identifies and designs the services it provides.

Result 10

As Minister of Internal Affairs I am responsible for Result Area 10, which relates to the provision of on-line government services. Our objective is to make it easy for New Zealanders to complete their transactions with government online – to deliver integrated digital services designed around the needs of New Zealanders, rather than requiring New Zealanders to be experts in how Government departments work.

According to the United Nations E-Government Survey released in July 2014, New Zealand already shows “an exemplary commitment to the provision of transactional services” and is ranked 9th in the world, up significantly from just a couple of years ago.

We are especially well regarded for the work we have done on cloud computing and the use of the creative commons licence for open data. Last year, we joined with Britain, Estonia, South Korea and Israel to form the D5 group of nations tom promote the delivery and expansion of on-line government services, and already, we play an active part in that group.

Digital transformation is about people

All of this, of course, will excite the digital enthusiast – who knows what it means – but it has little immediate resonance with the average citizen. And that is the challenge of digital transformation.

It cannot just be about system upgrades, but it has to demonstrate a positive, specific and noticeable benefit to the individual to be valuable and sustainable. One such demonstration in the New Zealand context is that we have recently renewed the 300,000th adult passport online.

That percentage of on-line renewals is rising steadily, with the time involved dropping dramatically to just two to three days. My office receives a constant stream of positive feedback about the Passport Online Renewal Service. New Zealand is one of the only, if not the only country where you can renew your adult passport entirely online.

Online birth registration – a new success story

Thousands of parents are registering the birth of their child online through Birth Registration Online – maybe using their tablet or smartphone - instead of using the paper form. Take up rates are already heading towards 80 per cent after only a few weeks of operation.

Parents report that the new form is a much easier way to register their child. Child registration is an important step so that children born in New Zealand qualify for health, educational and other benefits. At the same time as registering your child’s birth you can also get an IRD number for your child.

Government is in a unique position with respect to identity-related information. Because we register life events, and issue passports, government is in a unique position with respect to identity-related information.

Today it is not only government business that is transacted online: increasingly, people’s daily business and life is transacted online, with the attendant security and privacy risks. As more and more processes and transactions move to an online, virtual environment, citizens are amassing a detailed digital identity.

It comprises a large amount of detail about inherent characteristics such as date of birth, acquired information such as home address, and other information such as purchase history.

The importance of this information is increasing. Enormous potential benefits are possible from the use of digital identity data, driven by process efficiencies and product innovation related to better understanding of consumer needs.

Alongside this expanding digital identity the risks of misuse of digital identity information are also increasing rapidly. This situation creates a fundamental trade-off for consumers. While many people willingly share information on Facebook, Twitter and other social media sites, consumers are also concerned about how their data is used, and the financial and privacy risks of misuse.

However consumers are willing, even enthusiastic, to disclose information where they can see benefits and appropriate privacy controls are in place. To deliver integrated services and protect privacy at the same time we need the tools to do the job. RealMe is one such tool.

It started life as the Government Logon Service, which went live in April 2007 when a visionary group of public servants foresaw a need to provide joined-up services, and developed a tool to meet the need. It was rebranded under the iGovt brand in July 2009 when the service transferred from the State Services Commission to the Department of Internal Affairs.

In 2011 New Zealand Post became the private sector commercialisation partner, and in July 2013 the iGovt login service was rebranded as RealMe, and the RealMe verified account was launched. RealMe now provides tools that can be used by both the public and private sector to enable identity information to be verified by agencies at the customers’ request.

A RealMe verified identity is free, reasonably easy to obtain and can be used to apply open bank accounts with BNZ and TSB, and enrol to vote with the Electoral Commission.

Students will soon be able to use a RealMe verified identity when they apply to StudyLink for allowances and loans, and we are looking at ways to make it easier to obtain and use a RealMe verified identity, without compromising the integrity of the product – for example when you renew your passport.

More and more people are choosing to get a RealMe verified identity. If you have not already done so, I would urge you to get one because as more and more services are offered by government and the private sector, you will find it much easier to transact online, rather than posting or taking your identity documents into a branch.

RealMe’s strengths lies in its design, which enables a seamless digital service for customers without creating a single database of information about an individual. The customer maintains has control of their personal information, and can see where it has been shared. RealMe has been developed to operate within strict requirements for privacy protection and information security.

RealMe is a world class solution tailored to the New Zealand environment and is consistent with the Electronic Identity Verification Act 2013, which enables electronic identity verification online; the Privacy Act 1993, which only allows data matching between departments in very limited circumstances; the Anti-Money Laundering and Countering Financing of Terrorism Act 2009; plus a range of national and international standards.

RealMe also helps us prevent identity fraud as every time the Department verifies an identity and issues the Electronic Identity Credential that lies at the heart of the RealMe Verified account, we add a notation to the individual’s Birth, Death, Marriage, Immigration, Passport and Citizenship record related to that individual which prevents them being reused by a fraudster to get a second ID.

The future of digital delivery

This Government is committed to our Result 10 goals to make it easy for citizens to complete common transactions with Government online. More and more, RealMe will be at the heart of that as people use RealMe to prove who they are.

The ability to share information in a single transaction is expected to be a critical enabler for the delivery of integrated cross-agency services. RealMe is a critical component to support the achievement of New Zealand Government’s current policy objectives, including that: New Zealanders can complete their transactions with government easily in a digital environment, with an objective that by 2017, an average of 70 percent of New Zealanders' most common transactions with government will be completed in a digital environment.

New Zealand businesses have a one-stop online shop for all government advice and support they need to run and grow their business. It is expected that business costs from dealing with government will reduce by 25% by 2017.

We live in exciting times.

The possibilities that digital technology give us are making a real difference to the lives of New Zealand citizens. But we must always balance the need for convenience with the need for privacy. I am confident that this Government will continue to get that balance right and I look forward to hearing from Conference speakers about our shared digital future.

ENDS


© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

 
 
 
 
 
 
 

LATEST HEADLINES

  • PARLIAMENT
  • POLITICS
  • REGIONAL
 
 

Featured News Channels


 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.