New Zealand Watchdog Scolds Retailers for Privacy Violations by Security Guards
The New Zealand Office of the Privacy Commissioner named and admonished two Pak'n'Save stores Wednesday for Privacy Act violations by their security guard contractors.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The decision to identify the stores "is a significant step and was made because of the seriousness of the issues and their public interest," said Privacy Commissioner Michael Webster. Both shops lacked safeguards that retailers should have when giving third-party providers access to sensitive information, such as surveillance data, he said.
The DPA said the stores failed to have adequate oversight of the guards, who shared images of customers accompanied by allegations of theft or criminal activity. Both people involved then faced a higher risk of harassment and reputational harm, it said.
The public naming should remind businesses that "outsourcing functions does not outsource accountability," said Webster.
In addition, the use of surveillance technologies requires that privacy obligations be explicit, enforceable and routinely monitored to prevent harm, the DPA said.
The stores are individually accountable for compliance with the law, but the DPA said it's also working with Foodstuffs North Island, the co-op lead for the two retailers, to train store personnel, including security contractors, on data protection requirements and mandating that the stores have written agreements with all contractors who process personal information for them.