Ms Louise Wilsdon1
1University Of Otago, New Zealand
NZ’s regulatory framework for health data privacy is ill-equipped to respond to the concerns that big data raises. In the absence of any substantive regulatory oversight, big technology companies globally have extended their capacities to collect and analyse exponential amounts of personal information.
A regulatory framework that focusses on individual control of personal information and relies predominantly on the individual to make a complaint when their privacy is breached is problematic in a world where our personal information is being collected at an exponential rate. There are people who don’t want to manage their data or find it too overwhelming or complex to manage. There can be difficulty in even recognising that a privacy breach has occurred, let alone identifying the agency responsible. The consequent harm or loss may be experienced well after a breach has occured, and can also be cumulative – the result of multiple agencies relying on the same compromised data.
Many companies require consent to their privacy policies in order for users to access a free service (Google; Facebook) or to obtain full functionality of a product that they’ve already purchased (Fitbits; smart appliances). The benefits of consenting are immediate while the potential privacy risks are uncertain and distant.
Data privacy regulation needs to evolve from an individual rights-based model to focus more on the social context of information exchanges. The rules that govern the use and disclosure of health information must promote health values.
Key words: health information, privacy, big data
Bio to come.