It might sound strange but complaints are the lifeblood of our office. We receive them, vet them and investigate them. And because we are the Office of the Privacy Commissioner, people need to have absolute confidence in the security of our complaints process.
The Privacy Act gives you the right to complain to us if someone breaches your privacy. It’s an important right, both for you personally and for our society as a whole.
We get 700 to 800 complaints a year about alleged breaches of privacy. To make it easier to access this service, we introduced this year a form on our website that allows any user to lodge a complaint with us online.
Privacy and security
With that in mind, our web developers at SilverStripe developed a module for us that encrypts the information when it is lodged online. The information is then securely transferred to our internal mail systems and decrypted on receipt.
Our website is hosted on the Common Web Platform, a shared web service delivery platform used by New Zealand Government agencies. A key benefit of this shared platform is the reusability of software code.
Open source code
Online complaints formour account on GitHub
For the more technically minded, our complaints encryption module uses GPG or “Gnu Privacy Guard”, which is compatible with the OpenPGP standard and with Symantec’s PGP tools.
Developers can sign and encrypt the content for an email (including file attachments) before it's sent. This requires a transfer of public keys between the sender and recipient, and requires GPG software to be installed on the website server.
It makes sense to us to share any code that might be reusable, or indeed improved, in the interest of encouraging good information security, improved knowledge sharing and open innovation across both the public and private sectors. With the support and assistance of SilverStripe, we are happy to be able to share these technical solutions.