questions regarding the pseudo-anonymity of the IDI, indefinite data retention, Significant privacy concerns
John Fabrizio made this Official Information request to Statistics New Zealand
This request has an unknown status. We're waiting for John Fabrizio to read recent responses and update the status.
From: John Fabrizio
Dear Statistics New Zealand,
Based on my understanding of the Integrated Data Infrastructure (IDI), it appears that you possess highly sensitive information regarding every individual who has interacted with a government agency, at-least, within the past 20 years, and your intentions is to indefinitely retain all future interactions with government agencies, that is recorded by administrative data later sent to you. Statistics New Zealand frequently asserts that "it is extremely difficult to extract information about a specific individual," yet I believe this may not accurately reflect the truth.
Each distinct identity within the IDI has its own "snz_uid." Nearly every snz_uid is linked to at least one encrypted identifier, such as "snz_ird_uid" or "snz_dia_birth_reg_uid," alongside identifiers like a birth registration number, National Health Index (NHI) number, Inland Revenue Department (IRD) number, or a physical address. While encryption may hinder direct searches for personal identifiers like NHI/IRD numbers known to researchers, the new unique number generated through encryption is still inherently tied to a single identifiable person. Furthermore, through analysis and using public databases, it's possible that most encrypted addresses could also be easily de-identified.
Although we cannot be absolutely certain that every unique identity within the IDI, and every variable linked to that identity, definitively belongs to a specific individual, we can reasonably infer that most of it does, especially considering the permanance of NHI/NSN/IRD numbers throughout an individual's life. Notably, variables within the IDI, such as birth parents' date of birth (DOB) and individual DOB, alongside place of birth, enable the tracing of a particular identity to a snz_uid within the IDI, thus facilitating access to associated data such as mental health records, criminal records, and tax records.
While other agencies routinely discard individual-related information to safeguard privacy, it appears that Statistics NZ indefinitely retains administrative data provided by cooperating agencies in the form of "de-identified" and pseudo-anonymous datasets, data that cooperating agencies themselves may securely dispose of at a later date following their own disposal schedules.
1. Do you retain the encryption key for every encrypted variable within the IDI indefinitely?
2. Is there a practice of routinely securely disposing of the encryption key for certain encrypted variables? which which put limits on the continuity of some linkages
3. Do you have plans to further enhance the confidentiality or anonymization of old IDI instances in the future? for example archived IDI data.
4. Does the value of insights gained through research using the IDI outweigh the risk of a malicious actor gaining access to a complete copy of the IDI database, thus acquiring knowledge of any individuals' interactions with most government services going back past the 1990s for many agencies? I believe that consolidating records from various government agencies into a singular database, thereby establishing a single point of failure and relying solely on "de-identification" as a means of protection, poses a significant security and privacy risk that impacts all citizens of New Zealand.
Yours faithfully,
John Fabrizio
From: Stallah Valaau
Statistics New Zealand
Tēnā koe John
I am writing to acknowledge receipt of your Official Information Act (OIA)
request below.
We received your request on Thursday, 8 February 2024. We will endeavour
to respond to your request as soon as possible and in any event no later
than Thursday, 7 March 2024, being 20 working days after the day your
request was transferred to us, taking into account public holidays. If we
are unable to respond to your request by then, we will notify you of an
extension of that timeframe.
Your request is being handled by the Office of the Government Statistician
and Chief Executive. If you have any queries, please feel free to contact
me using the details in the signature below. If any additional factors
come to light which are relevant to your request, please do not hesitate
to contact us so these can be taken into account.
Ngā mihi nui
Stallah Valaau (pronouns: he/him/his)
Advisor – Executive and Government Relations, Office of the Government
Statistician and Chief Executive
Kaitohutohu – Tari O Te Kaitautauranga Matua Me Te Pouārahi Matua | Stats
NZ | Tatauranga Aotearoa
P O Box 2922, Wellington 6011 | ddi: +64 4 931 4838 |mob: +64 21 575 528 |
[1]stats.govt.nz
About Aotearoa, for Aotearoa
Data that improves lives today and for generations to come
[2]Facebook | [3]Twitter | [4]LinkedIn
show quoted sections
From: Joy Skye
Statistics New Zealand
image001.png
2K
Download
image002.png
2K
Download
image003.png
2K
Download
OIA0810 Response IDI data retention and privacy concerns.pdf
282K
Download
View as HTML
Tēnā koe John
Please see attached a response from Stats NZ to your OIA request regarding
IDI data retention and privacy concerns.
Ngā mihi,
Joy Skye (she/her and Ms)
Senior Advisor – Executive and Government Relations, Office of the Chief
Executive
Kaitohutohu Matua – Ngā Hononga Whakawaho, Kāwanatanga hoki, Tari o te
Tumu Whakahaere
Stats NZ | Tatauranga Aotearoa | [1]stats.govt.nz | 04-931 4699
About Aotearoa, for Aotearoa
Data that improves lives today and for generations to come
[2]Facebook | [3]Twitter | [4]LinkedIn
Work days: Monday to Thursday
From: Stallah Valaau <[email address]>
Sent: Friday, February 9, 2024 8:48 AM
To: John Fabrizio <[FOI #25669 email]>
Subject: Acknowledgement of your Official Information Request
Tēnā koe John
I am writing to acknowledge receipt of your Official Information Act (OIA)
request below.
We received your request on Thursday, 8 February 2024. We will endeavour
to respond to your request as soon as possible and in any event no later
than Thursday, 7 March 2024, being 20 working days after the day your
request was transferred to us, taking into account public holidays. If we
are unable to respond to your request by then, we will notify you of an
extension of that timeframe.
Your request is being handled by the Office of the Government Statistician
and Chief Executive. If you have any queries, please feel free to contact
me using the details in the signature below. If any additional factors
come to light which are relevant to your request, please do not hesitate
to contact us so these can be taken into account.
Ngā mihi nui
Stallah Valaau (pronouns: he/him/his)
Advisor – Executive and Government Relations, Office of the Government
Statistician and Chief Executive
Kaitohutohu – Tari O Te Kaitautauranga Matua Me Te Pouārahi Matua | Stats
NZ | Tatauranga Aotearoa
P O Box 2922, Wellington 6011 | ddi: +64 4 931 4838 |mob: +64 21 575 528 |
[5]stats.govt.nz
About Aotearoa, for Aotearoa
Data that improves lives today and for generations to come
[6]Facebook | [7]Twitter | [8]LinkedIn
show quoted sections
Things to do with this request
- Add an annotation (to help the requester or others)
- Download a zip file of all correspondence
Offensive? Unsuitable?
Requests for personal information and vexatious requests are not considered valid requests for Official Information (read more).
If you believe this request is not suitable, you can report it for attention by the site administrators
Report this requestAct on what you've learnt
Similar requests
Stats NZ's processing of a previous OIA request and its search for the information requested
To Statistics New Zealand by New Zealand Council for Civil Liberties
