Intrusive Data Collection Justification Looks Thin and Dubious

Garth Nowland-Foreman

The Ministry of Social Development (MSD) is controversially demanding identifying information about individual clients in exchange for its funding from 1st July. Charities and other non-profits providing essential social services are concerned this may put off vulnerable people seeking help when they need it most. It also has the potential to undermine one of the key reasons for partnering with non-profits – we are able to establish trust and effective working relationships with disenchanted people because of our independence and ‘arms-length’ from government. It is even more annoying that this major policy shift has been imposed in a heavy-handed, take-it-or-leave-it basis – rather than engaging collaboratively with these front-line organisations to come up with a workable solution.

Last year, New Zealand Council of Christian Social Services (NZCCSS) sought more information from MSD (under the Official Information Act) on the gathering and reporting of Individual Client Level Data, assessments of its impact, and advice to MSD from the Office of the Privacy Commissioner.

A swag of papers arrived last week, almost six months after the original request was submitted. MSD explains this unusual delay was to ensure they were able to be comprehensive in gathering information from many different documents. This makes the thinness of the response all the more surprising:

  • Very little information is provided to justify this intrusive collection (two or three similar bland sentences are repeated time and time again);
  • Very little consideration appears to have been given to its impact on the charities and non-profits funded, nor their clients; and
  • Only informal, verbal consultation appears to have occurred with the Office of the Privacy Commissioner (so informal that no notes are provided).

Rationale Weak

The rationale in the OIA papers for this major policy shift is very weak. In document after document, MSD argue that confidential information identifying individual clients needs to be collected “so that it will be clear what results are being purchased for different types of clients”(emphasis added). Clearly this does not require identifying individual information. Beyond these generalities, no examples are provided in the documents about how the information could be used, what questions could be asked, or what answers provided. Bland demands to know that “the right people are getting the right services” will also not be effectively answered by the data MSD currently want to collect.

Sadly, this has been a missed opportunity for the department to work alongside the front-line services to collaboratively identify how the most useful and meaningful monitoring data could be collected, rather than making pronouncements and threats from on high. Non-profits are no less committed to making the most impact with limited resources, than the best-intentioned government department. On a bad day, the current approach can seem to be based on assumptions that we need to be bullied or blackmailed into being interested in results.

‘Just in Case’ – Not Ethical

Based on the documents released, it seems the department has fallen into the trap of many novice researchers – it appears as if it is planning on collecting as much information as it can, ‘just in case’! While understandable, with the current government’s recent discovery of Big Data, this is an expensive newbie mistake, which is also considered by many to be unethical – especially when it is a party with power over your life collecting the data. Personally, I would like MSD (and all government agencies) to subject themselves to a simple discipline of only collecting information they can collate, analyse and feedback to those that provide it within, say, six months – even 12 months would be better than nothing.

The OIA papers also give the appearance of a basic confusion and conflation of three important but different processes: monitoring, evaluation and research. Rather than spending a fortune on collecting and analysing quite a lot of very ‘thin’ data (gender, age, ethnicity), it is often much more effective to gather rich and deeper insights from well-constructed research – like the Dunedin Multidisciplinary Health & Development Study. As well as not requiring mass citizen surveillance, such research can ensure greater reliability and validity. Elsewhere MSD even argue that all this extra monitoring will reduce the need for evaluations. It is bizarre to expect an individual local service to ‘prove’ its approach works. This requires properly constructed research on a much larger scale. Mixing evaluation with monitoring also risks corrupting data with perverse incentives. To over-simplify: monitoring can tell us ‘what’; evaluation has the potential to add ‘how’; and good research can begin to answer the elusive ‘why’ questions.

Is Client Data Safe?

The papers released so far also do not give confidence that the department has in place adequate systems and hardware to protect privacy. And now that Social Development Minister Tolley is hesitating about collecting confidential client information from “providers of specialist sexual violence services”, it can appear like a de facto admission that MSD does not yet have a fully secure and trustworthy system in place. The 12-month exemption for specialist sexual violence services may help get the issue off talkback radio. However, if the Minister still needs further reassurances that MSD can “safely and securely” collect confidential client information from one set of services, how can we and our clients have confidence in the safety and security of personal information collected from other services (many of which also deal with sensitive issues, like domestic violence, child neglect, or debt)? All the more so, given MSD’s track record of privacy breaches in recent years. The standard funding contract proposes that confidential information can be provided to any employee, anywhere in the department.

At one point among the mass of OIA papers, MSD argues that the reason for collecting identifying personal information is to enable data-matching across various other government agencies. This would indeed require identifying personal information, but also requires a massive, ‘Big Brother’-like, centralization of government-wide data collection. This would effectively be a backdoor national identity number for the poor and vulnerable who happen to need help from a social service, which New Zealanders have been reluctant to adopt in the past. Given all the extraneous data collected it is dubious this would tell us much about results of a particular service in any meaningful way. If this is the real justification, lets have an debate up-front about big government data-matching – its advantages and disadvantages, its costs and benefits.

After being approached by non-profit organisations, the Privacy Commissioner is currently investigating MSD’s demand for client level data, and is due to report at the end of March.

Garth Nowland-Foreman is a voluntary council member of NZCCSS and the chair of Christchurch Methodist Mission, as well as co-chair of the Tangata Whenua, Community & Voluntary Sector Research Centre, and chaired the Johns Hopkins International Comparative Nonprofit Study in Aotearoa New Zealand. He is a director of LEaD Centre for Not for Profit Leadership. The opinions expressed in this article are his personal views, and do not necessarily represent any organisation with which he is involved.