Skip to content.
|Networking government in New Zealand.
 
You are here: Home » Services » Authentication » Library » Key Documents » GLS Privacy Impact Assessment 2005 » Critical assumptions

Critical assumptions

1.9. The process of privacy impact assessment involves an assessment of a given policy or technological initiative based on its features as known at a given moment in time. In addition, many of the privacy risks identified are contingent on the occurrence of a number of other events, such as institutional or policy changes affecting how personal information might be used.

1.10. There are a number of challenges to an assessor to ensure that the assessment remains current in the face of evolving processes of policy development, or of technologies. There are important choices too, in the degree to which one should engage in speculation, and which contingent events warrant inclusion in a PIA without ranging too far from the project's stated intentions or design.

1.11. One of the methods available to assist balancing these sometimes competing objectives is to state a number of critical assumptions, representing the central features of the proposal that have been used to inform the process of privacy impact assessment. The implication is that the privacy impact report will remain current for as long as these central features remain. This is a check on the affect of the evolving nature of the design, in that not just any development will materially alter the parameters to require fresh privacy impact analysis. There remains a role for speculation as to contingent effects on privacy, and as such, the following list does not completely remove the need in this report to consider the effect of expansion of the scheme, notwithstanding that expansions would be outside the currently defined parameters of the project. The critical assumptions are;

  • Ongoing adherence to the cabinet principles specified in paragraph 3.10.
  • Identity establishment is not a part of this project - verified identity. information is not required by the GLS.
  • Limitation of all aspects of the system (provision of all services) to government sector.
  • Limited centralised collection of personal information.
  • No use of biometric data.
  • The functions of key provider and common login service are both provided by the same agency, the Government Logon Service.
  • Operational policy documents and interagency instruments such as memoranda of understanding and standards are yet to be developed, but will be reviewed by the program for their impact (if any) on privacy as they are produced, and in any case will be in place prior to the implementation of the Government Logon Service.

[ Previous | Next ]