Shades of dirty politics …
David Fisher at the Herald is reporting that Bomber Bradbury has succeeded in getting the Privacy Commissioner to rule that Police use of Privacy Act powers to access Bradbury’s bank accounts without a warrant was unlawful. From the article:
Police have again been caught unlawfully harvesting private banking information in the search for the hacker behind the Dirty Politics book. This time it is activist and journalist Martyn Bradbury who has been drawn into the police investigation. And this time police inquiries are said to have had an awful impact, leading to two suicidal episodes.
Bradbury’s is the latest case of police unlawfully exploiting the Privacy Act to get personal banking information without getting a court order.
It follows the revelation that Dirty Politics author Nicky Hager also had his banking records handed over to police without any legal compulsion to do so.
The practice has been ruled unlawful after Bradbury – who runs The Daily Blog website – complained to the Privacy Commissioner.
The records were sought to show that whoever hacked Slater’s site was paid to do so. Why they suspected Bradbury is not clear and on the face of it somewhat bizarre. The exercise has the feel of an overblown fishing trip.
The repercussions were significant on Bomber. An application for an increase in credit was declined because of the Police approach and his depression hit big time.
The police powers to require this information is contained in the Privacy Principles that are in the Privacy Act. The relevant provisions are the following:
Principle 2
Source of personal information(2) It is not necessary for an agency to comply with subclause (1) if the agency believes, on reasonable grounds …
(d) that non-compliance is necessary—
(i) to avoid prejudice to the maintenance of the law by any public sector agency, including the prevention, detection, investigation, prosecution, and punishment of offences …Principle 3
Collection of information from subject
(1) Where an agency collects personal information directly from the individual concerned, the agency shall take such steps (if any) as are, in the circumstances, reasonable to ensure that the individual concerned is aware of [various details relating to the collection].
(4) It is not necessary for an agency to comply with subclause (1) if the agency believes, on reasonable grounds,—
(c) that non-compliance is necessary—
(i) to avoid prejudice to the maintenance of the law by any public sector agency, including the prevention, detection, investigation, prosecution, and punishment of offences …Principle 11
Limits on disclosure of personal information
An agency that holds personal information shall not disclose the information to a person or body or agency unless the agency believes, on reasonable grounds,—
(e) that non-compliance is necessary—
(i) to avoid prejudice to the maintenance of the law by any public sector agency, including the prevention, detection, investigation, prosecution, and punishment of offences …
All principles require there to be belief on “reasonable grounds” that the requirements are met. The Privacy Commissioner has ruled that the applications failed to set out why they were necessary and in any event were very heavy handed and should have been subject to Judicial scrutiny because otherwise it was unlawful in that it breached the Bill of Rights Act prohibition against unreasonable search.
Again from the Herald:
Detectives did so quoting a section of the Privacy Act allowing those holding data to ignore people’s privacy if there are “reasonable grounds” to believe it would help “maintenance of the law”.
The ruling from Privacy Commissioner John Edwards found police gave Bradbury’s bank no information to make an assessment of whether the request was “reasonable”.
Edwards rejected police submissions that the request only lacked supporting information for the bank to make a proper decision.
Even if police had provided the information, Edwards said detectives “were not justified” in asking for the banking records without a legal order from a judge.
“It is our view the request for your banking records, given their sensitivity, ought to have been placed before a judicial officer for decision on whether it met the grounds for a production order.”
He said the “nature and the scope of the request was unfair and unreasonably intrusive”.
The request for information was “unlawful” because it was constituted a “search” and the Bill of Rights stated “everyone has the right to be secure against unreasonable search”.
Well done Bomber for taking this action and all strength to him. His allegation that others may also have has their records searched deserves further scrutiny.
Powered by WPtouch Mobile Suite for WordPress