Social Development Minister Anne Tolley has revealed a gaping privacy hole has been discovered in a computer portal set up to collect people’s data.
The issue is with a system used by NGOs to submit client data to the Ministry of Social Development (MSD).
One provider was able to view another provider’s folder while accessing the system, which led to it being shut down on Tuesday night.
Before the shut down only 10 providers had uploaded information, although the invite had been extended to 136.
Tolley said she had asked officials to provide advice on a new system and the Privacy Commissioner and the Government’s chief information officer would also be involved.
In the press release announcing the issue, Tolley pushed home the Government’s commitment to its data-driven social investment policy.
The timing of the discovery is poor for Tolley, coming before the imminent release of Privacy Commissioner John Edward’s report into the Ministry’s policy to demand detailed client information from contract-holders in exchange for funding.
It's a policy that has left many organisations uncomfortable, despite claims the data would be used to better target social investment.
In an in-depth interview with Newsroom last week, Edwards would not talk about the report itself but voiced concerns about being ruled by automated decision-making and algorithms.
“What I am here for, I think, is to be a word of caution about overconfidence and to say ‘well, you say you’re going to get that result, are you sure?’ There’s a lot of snake-oil salespeople out there promising that data can have your baby or that the blockchain is going to save the world – it’s not true, there’s a lot of overselling of this stuff, he said.
“There’s also enormous risks of selection bias of hard-wiring underlying prejudice, of misallocating resources, of causing people great harm without a solid evidence base – so I worry about a level of overconfidence about what the technology can deliver.”