Comic strip showing a cahsier asking a client: 'Can I have your address, phone number, email, your mother's maiden name, a sample of your DNA, your date of birth and...' The customer replies 'But I'm just trying to buy a pack of gum!'
(c) GoComics.com

In the lead-up to Privacy Week in May, Susan Allen, Principal Advisor Privacy at the Department of Internal Affairs, recently visited The Translation Service and the Authentication Unit to discuss privacy issues. She kindly agreed to answer a few questions for Translating Aotearoa.

Q.: Susan, first of all, I’d like to thank you for taking the time to talk to us today. Ever since the privacy breaches at the Earthquake Commission and the Accident Compensation Corporation that made the headlines, privacy has become a major topic of discussion within government agencies in New Zealand, as the recent creation of a Government Chief Privacy Office shows. How is that relevant to our translators and revisers?

A.: You’re right – privacy has become a major topic within government, and for good reason. To conduct our business government agencies are entrusted with personal information from the public, who expect that we will safeguard it. It is our duty to ensure that it is kept safe, and that it is managed well.

Q.: But our linguists aren’t government agencies…

A.: No, that’s true. But they work for The Translation Service, which as you know, is a government agency. And given the nature of the work they do, they are entrusted with a vast quantity of personal information. Most translations that they carry out contain personal details, which under the Privacy Act 1993 must be treated in confidence.

Q.: What exactly is personal information? A person’s name and date of birth, their bank details and address, probably qualify as personal information. Is there anything else?

A.: Well, any information about an identifiable person counts as personal. That does include someone’s name, address, date of birth, and bank details, but that’s not all – far from it. Their financial records, health history, call log, are all personal information. The person’s name doesn’t even have to be mentioned to make the information personal. The question is whether they could be identified from the information.

Q.: So what do you recommend our linguists do?

A.: What I’d really like is for them to be simply aware of privacy issues, and apply some basic principles when working with personal information. They should only use the information they’re given for the purpose it was collected for, i.e. carry out a translation or a revision. They should keep it safe and only share it with those who need to see it to complete the job. And once the translation is completed, they should dispose of it.

Q.: So in other words, when we send a translation job to one of our linguists, they need to save the files somewhere where they can’t be accessed by anyone who doesn’t need to see them, be mindful of sharing the personal information if they need assistance from someone else, complete the work, send the translation to TTS via email double-checking that they are really sending it to us, and then delete all information relating to the said job. Is that correct?

A.: Yes, that’s right. Once the job is completed, they need to delete the original and the translation. Our aim isn’t to create paranoid translators and revisers, but to raise awareness about why it’s good to keep information safe, and how privacy issues relate to translation. My best piece of advice is: Be privacy safe! Ultimately, your linguists need to look after the information they’re given to protect our customers and to protect themselves.