By Zeb Holmes and Ugur Nedim
The new meta-data retention laws mean internet service providers (ISPs) must retain the personal information of users for a period of two years, and make that data available to a whole host of government departments without them even having to obtain a warrant.
The laws give our state and federal governments unprecedented access to the personal data of individuals – far greater than any other nation in the developed world.
Justified by the threat of terrorism, the laws have already been used by dozens of councils, police departments and other state agencies for unintended purposes– including investigations into rubbish dumping, the sexual activities of defence force cadets, to threaten journalists and investigate doctors who speak out against the government.
But meta-data laws aren’t the only source of concern when it comes to the privacy of citizens.
Police forces and other government organisations have repeatedly failed to properly secure confidential materials of members of the public, even breaking the law by releasing sensitive information which puts vulnerable individuals in danger.
In a recent breach, 39 clients of a government social work agency – including Dylan Voller, the central figure in the recent Northern Territory juvenile justice scandal – had their confidential files dumped at an Alice Springs tip.
The files relate to both clients and staff members of Territory Families, dating back to 2009. They were contained in filing cabinets and pedestal drawers sent to the Alice Springs waste management facility during an office relocation in April this year.
The dumped documents include confidential court records, medical records, foster care assessment applications, employment records, remote family services files, staff supervision records, time sheets and residential care reports.
Territory Families could not confirm that all of the materials have been recovered.
Failure to follow best practice
Not surprisingly, an external investigation found that Territory Families failed to follow best practice during the relocation, concluding there was a “failure to itemise and record all assets/furniture held at Level 1 Mwerre House prior to relocation… and a failure to mark/designate all assets/furniture for relocation or disposal.”
To make matters worse, the investigation noted that the organisation was aware in April that the files had been “lost”, but did not notify those affected until 20 June 2017. When asked about the delay, a spokesperson for the agency claimed it wanted to investigate the matter thoroughly before notifying those whose privacy had been breached.
Dylan Voller speaks out
Like many others, Dylan Voller is of the view that those affected should have been contacted upon the organisation becoming aware of the failure, and finds it unacceptable that confidential documents were treated with so little care.
“My family history is not for other people’s eyes and people, and things that I’ve gone through [when I was] younger,” he stated to the media.
Mr Voller recently gave video evidence at the Darwin sitting of the Northern Territory Royal Commission into Youth Justice, hoping to prevent a reoccurrence of the appalling treatment he received while in detention.
“A lot of other young people, just like myself, have had bad upbringings, bad behavioural problems,” he testified. “But locking them away, being bashed or being harassed and being slammed – nothing justifies that. If we walked up and did it on the street…we’d be put in prison.”
Voller expressed that children and young people in detention should have greater access to counsellors and other mental health professionals, and better post-release support:
“To help them get accommodation, to help them get jobs once they’re out… Not just chuck them out the gate and off you go, back into the world.”
Despite the agency’s assurances, Voller remains unconvinced that the breach was unintentional.
“Considering my name has been run through the media and stuff, it’s suspicious that my files were there,” he stated. “How do we know [tip shop staff] didn’t give them to someone who doesn’t like me, with all the stuff that’s been happening on TV, and photocopied it or something like that?”
Compensation could follow
Northern Territory Information Commissioner, Brenda Monaghan, said that those affected by the breach could be entitled to up to $60,000 in compensation.
“The sorts of orders that can be made are an apology, an order to prevent or various orders to prevent the matter happening again, and also compensation can be paid, including compensation for hurt and humiliation,” she stated.