The PSA is warning the Government that the sensitive information of New Zealanders held by various agencies will fall into the wrong hands if the latest round of proposed cuts goes ahead.
Government spending cuts are forcing the Department of Internal Affairs to propose axing a range of roles dedicated to ensuring the public service keeps secure the private information of New Zealanders.
"Today we are seeing more evidence of the reckless nature of the Government’s spending cuts which will see more data breaches resulting in the sensitive and private information of New Zealanders falling into the wrong hands," said Duane Leo, National Secretary for the Public Service Association Te Pūkenga Here Tikanga Mahi.
The Department of Internal Affairs has proposed that the role of Government Chief Privacy Officer (GCPO) be disestablished, along with the privacy functions within the group. This accounts for four permanent roles and two temporary roles.
In addition, another critical role, of cyber security analyst working within the department, may also go in consultation documents given to staff today.
"They are ploughing ahead with cutting these roles with no evidence to justify losing such important oversight of how the public service manages the sensitive information of millions of New Zealanders.
"Now more than ever, as the risks from cyber security grow, as more of us engage with public services online and as the dangers posed by AI become better understood, the Government should be investing more in these areas, not less.
"The whole point of the Government Chief Privacy Officer was to provide a single point of contact that takes responsibility for a whole of government approach to privacy. These roles ensure the public service securely collects and manages personal information lawfully.
"For the department to tell staff the work of the GCPO has served its purpose is wrong.
"Consider what the Auditor-General said less than six years ago in 2018: ‘In my view, the leadership and guidance provided by the Office of the Privacy Commissioner and the Government Chief Privacy Officer are essential to the public sector sharing information in a safe and secure manner.’ [1]
The new Minister was even advised by officials last November that while ‘privacy maturity’ had improved across 47 agencies since 2022, there was still a need for further improvement. [2]
"This is just more evidence that the job is not complete, that more effort and oversight by the GCPO is needed across the public service to ensure private information remained secure.
"The Government seems prepared to play fast and loose with the private information of New Zealanders - it has made a clear choice to cut jobs to fund tax cuts and damn the consequences. This is just plain more dumb stuff from this government," said Duane Leo.
[1] Office of the Auditor-General, Reflecting on our work about information, 2018, p. 4, https://oag.parliament.nz/2018/information/docs/information-reflections.pdf.
[2] DIA, Briefing to the Incoming Minister for Digitising Government, November 2023, p. 22, https://www.dia.govt.nz/diawebsite.nsf/Files/Briefing-to-Incoming-Minister-October-2023/$file/BIM-2023-October-Digitising-Government_Redacted.pdf.
