We don't know whether the most recent response to this request contains information or not – if you are John Fabrizio please sign in and let everyone know.

questions regarding the pseudo-anonymity of the IDI, indefinite data retention, Significant privacy concerns

John Fabrizio made this Official Information request to Statistics New Zealand

This request has an unknown status. We're waiting for John Fabrizio to read recent responses and update the status.

From: John Fabrizio

Dear Statistics New Zealand,

Based on my understanding of the Integrated Data Infrastructure (IDI), it appears that you possess highly sensitive information regarding every individual who has interacted with a government agency, at-least, within the past 20 years, and your intentions is to indefinitely retain all future interactions with government agencies, that is recorded by administrative data later sent to you. Statistics New Zealand frequently asserts that "it is extremely difficult to extract information about a specific individual," yet I believe this may not accurately reflect the truth.

Each distinct identity within the IDI has its own "snz_uid." Nearly every snz_uid is linked to at least one encrypted identifier, such as "snz_ird_uid" or "snz_dia_birth_reg_uid," alongside identifiers like a birth registration number, National Health Index (NHI) number, Inland Revenue Department (IRD) number, or a physical address. While encryption may hinder direct searches for personal identifiers like NHI/IRD numbers known to researchers, the new unique number generated through encryption is still inherently tied to a single identifiable person. Furthermore, through analysis and using public databases, it's possible that most encrypted addresses could also be easily de-identified.

Although we cannot be absolutely certain that every unique identity within the IDI, and every variable linked to that identity, definitively belongs to a specific individual, we can reasonably infer that most of it does, especially considering the permanance of NHI/NSN/IRD numbers throughout an individual's life. Notably, variables within the IDI, such as birth parents' date of birth (DOB) and individual DOB, alongside place of birth, enable the tracing of a particular identity to a snz_uid within the IDI, thus facilitating access to associated data such as mental health records, criminal records, and tax records.

While other agencies routinely discard individual-related information to safeguard privacy, it appears that Statistics NZ indefinitely retains administrative data provided by cooperating agencies in the form of "de-identified" and pseudo-anonymous datasets, data that cooperating agencies themselves may securely dispose of at a later date following their own disposal schedules.

1. Do you retain the encryption key for every encrypted variable within the IDI indefinitely?

2. Is there a practice of routinely securely disposing of the encryption key for certain encrypted variables? which which put limits on the continuity of some linkages

3. Do you have plans to further enhance the confidentiality or anonymization of old IDI instances in the future? for example archived IDI data.

4. Does the value of insights gained through research using the IDI outweigh the risk of a malicious actor gaining access to a complete copy of the IDI database, thus acquiring knowledge of any individuals' interactions with most government services going back past the 1990s for many agencies? I believe that consolidating records from various government agencies into a singular database, thereby establishing a single point of failure and relying solely on "de-identification" as a means of protection, poses a significant security and privacy risk that impacts all citizens of New Zealand.

Yours faithfully,

John Fabrizio

Link to this

From: Stallah Valaau
Statistics New Zealand


Attachment image001.png
2K Download

Attachment image002.png
2K Download

Attachment image003.png
2K Download


Tēnā koe John

 

I am writing to acknowledge receipt of your Official Information Act (OIA)
request below.

 

We received your request on Thursday, 8 February 2024. We will endeavour
to respond to your request as soon as possible and in any event no later
than Thursday, 7 March 2024, being 20 working days after the day your
request was transferred to us, taking into account public holidays. If we
are unable to respond to your request by then, we will notify you of an
extension of that timeframe.

 

Your request is being handled by the Office of the Government Statistician
and Chief Executive. If you have any queries, please feel free to contact
me using the details in the signature below. If any additional factors
come to light which are relevant to your request, please do not hesitate
to contact us so these can be taken into account.

 

Ngā mihi nui

 

Stallah Valaau (pronouns: he/him/his)

Advisor – Executive and Government Relations, Office of the Government
Statistician and Chief Executive

Kaitohutohu – Tari O Te Kaitautauranga Matua Me Te Pouārahi Matua | Stats
NZ | Tatauranga Aotearoa
P O Box 2922, Wellington 6011 | ddi: +64 4 931 4838 |mob: +64 21 575 528 |
[1]stats.govt.nz

 

About Aotearoa, for Aotearoa

Data that improves lives today and for generations to come

 

[2]Facebook | [3]Twitter | [4]LinkedIn

 

    

            

show quoted sections

Link to this

From: Joy Skye
Statistics New Zealand


Attachment image001.png
2K Download

Attachment image002.png
2K Download

Attachment image003.png
2K Download

Attachment OIA0810 Response IDI data retention and privacy concerns.pdf
282K Download View as HTML


Tēnā koe John

 

Please see attached a response from Stats NZ to your OIA request regarding
IDI data retention and privacy concerns.

 

 

Ngā mihi,

 

Joy Skye (she/her and Ms)
Senior Advisor – Executive and Government Relations, Office of the Chief
Executive

Kaitohutohu Matua – Ngā Hononga Whakawaho, Kāwanatanga hoki, Tari o te
Tumu Whakahaere
Stats NZ | Tatauranga Aotearoa | [1]stats.govt.nz | 04-931 4699

 

About Aotearoa, for Aotearoa

Data that improves lives today and for generations to come

 

[2]Facebook | [3]Twitter | [4]LinkedIn 

 

Work days: Monday to Thursday

 

 

 

From: Stallah Valaau <[email address]>
Sent: Friday, February 9, 2024 8:48 AM
To: John Fabrizio <[FOI #25669 email]>
Subject: Acknowledgement of your Official Information Request

 

Tēnā koe John

 

I am writing to acknowledge receipt of your Official Information Act (OIA)
request below.

 

We received your request on Thursday, 8 February 2024. We will endeavour
to respond to your request as soon as possible and in any event no later
than Thursday, 7 March 2024, being 20 working days after the day your
request was transferred to us, taking into account public holidays. If we
are unable to respond to your request by then, we will notify you of an
extension of that timeframe.

 

Your request is being handled by the Office of the Government Statistician
and Chief Executive. If you have any queries, please feel free to contact
me using the details in the signature below. If any additional factors
come to light which are relevant to your request, please do not hesitate
to contact us so these can be taken into account.

 

Ngā mihi nui

 

Stallah Valaau (pronouns: he/him/his)

Advisor – Executive and Government Relations, Office of the Government
Statistician and Chief Executive

Kaitohutohu – Tari O Te Kaitautauranga Matua Me Te Pouārahi Matua | Stats
NZ | Tatauranga Aotearoa
P O Box 2922, Wellington 6011 | ddi: +64 4 931 4838 |mob: +64 21 575 528 |
[5]stats.govt.nz

 

About Aotearoa, for Aotearoa

Data that improves lives today and for generations to come

 

[6]Facebook | [7]Twitter | [8]LinkedIn

 

    

            

show quoted sections

Link to this

We don't know whether the most recent response to this request contains information or not – if you are John Fabrizio please sign in and let everyone know.

Things to do with this request

Anyone:
Statistics New Zealand only: