20 September 2023
MBIE ref: DOIA 2324-0474
Ashley
[FYI request #24007 email]
Tēnā koe Ashley
Thank you for your email of 31 August 2023 to the Ministry of Business, Innovation and Employment
(MBIE) requesting, under the Official Information Act (the Act), the following information:
Copies of the Ministry's policies, procedures, and processes regarding the use of teams by staff
members, including requests to access teams chats by managers.
How many requests for access to staff members' teams chats have been made by managers and/or
people leaders in the past 12 months? What justifications or reasons are required when lodging a
request to access staff members' teams records? Are the staff members advised when these requests
are lodged as part of the process? Is privacy a factor considered when deciding whether to grant
access?
MBIE Information Communications Technology (ICT) Acceptable Use Policy
MBIE provides its people with access to MS Teams in their professional capacity to undertake their work.
So, while MBIE does not have a policy specific to the use of MS Teams, all MBIE employees, and
contractors or employees of organisations supplying services to MBIE, inclusive of individuals who are
based offshore, are bound by the standards outlined in the MBIE ICT Acceptable Use Policy. This Policy is
applicable to all IT systems at MBIE. Please find a copy of the Policy attached to this response (released to
you in full).
MBIE is currently working to review and update the ICT Acceptable Use Policy. We aim to have this
completed by the end of October 2023.
Accessing staff MS Teams messages
There were no requests for access to staff MS Teams messages made by managers or people leaders in
the past 12 months.
Any request to access staff MS Teams messages requires approval of the MBIE Integrity team. If a
manager or people leader considered that a staff member’s use of MS Teams may indicate wrongdoing or
other inappropriate conduct, then either the Integrity team would investigate, or it would support People
and Culture to look into the matter, rather than providing a manager with direct access.
The MBIE Integrity team can access MS Teams messages for investigating allegations against MBIE staff.
However, there would need to be a clear reason for access, for example where MS Teams chats may
provide evidence of fraud or dishonesty or other unacceptable conduct. A staff member may not be
advised about access to MS Teams chats for the purposes of an investigation but would be given an
opportunity to respond to any allegation and evidence that may be presented.
Responding to Official Information Act and Privacy Act requests
The MBIE Information Management team can access MS Teams messages for the purpose of responding
to Official Information Act or Privacy Act requests. The requests themselves are coordinated by staff in
MBIE’s ministerial servicing teams, who can make requests to the Information Management team to
extract MS Teams material from the system, so a decision can be made on its contents. This information
is placed in a folder that can only be accessed by pre-approved staff, and only for the purposes of
responding to the request on hand.
Official Information Act (OIA) requests
Where a person acts on behalf of MBIE in an official capacity, the information produced as a result is
subject to the OIA. If this information is then requested, MBIE must make a decision about the public
release of its contents.
MBIE takes the privacy of its staff very seriously. Based on Ombudsman guidance, we have developed
approaches to ensure that we are able to distinguish between:
• official information, which is produced by officers of the department in the course of their duties,
and
• personal information, which is about identifiable natural persons, and can include information
about people’s individual employment arrangements, finances, families or interests.
Information that may prejudice a person’s privacy is redacted under section 9(2)(a) of the OIA.
For past OIA requests, MBIE has asked people leaders to advise staff whose MS Teams messages are in
scope of a request about upcoming release, and to seek any staff feedback about redactions. This gives
people leaders the chance to arrange any follow up support a staff member may need.
Where staff request copies of the MS Teams messages provided for release, they are provided with
copies of the material in the form it was released under the OIA.
Privacy Act requests
MBIE is required by law to release personal information it holds about identifiable people when they
request it, under Information Privacy Principle 6 of the Privacy Act 2020 (subject to Part 4 of the Privacy
Act). This right to access information we hold about people extends to our staff, contractors, and
customers.
Privacy Act requests are managed confidentially, and documents in scope of the requests are held in
secured online folders, with access being granted only to a small number of staff with a role in responding
to the request.
2
The decision to advise a current or former staff member’s people leader of an incoming Privacy Act
request is made on a case-by-case basis, relative to any circumstances that lead to the request being
lodged.
If you wish to discuss any aspect of your request or this response, or if you require any further assistance,
please contac
t [email address]. You have the right to seek an investigation and review by the Ombudsman of this decision. Information
about how to make a complaint is available at www.ombudsman.parliament.nz or freephone 0800 802
602.
Nāku noa, nā
Mark Brown
General Manager, Digital Operations
Digital, Data and Insights
3