... and just business

Press, 15 January 1988, Page 16

... and just business

Perhaps because the Official Information Act provides rudimentary elements of data protection for individuals in respect of information held by the State, the latest data privacy report places a fair degree of emphasis on personal information held by commercial and professional agencies in the private sector. The credit reference industry, in particular, and a potential for harm in an increasing use of blacklists, are singled out for special mention. Legislation to cover specifically the data banks associated with credit references is one of the options offered in the report’s conclusions.

In three of the Australian states — Queensland, South Australia, and Victoria — the activities of credit reference agencies are controlled by statute. In Britain, all credit reference companies are licensed and consumers, if they request it, must be supplied with the name and address of any credit reference agency which has supplied information about them. This requirement applies regardless of whether the consumer’s application for credit has been successful or not. Individuals also have the right to obtain from any credit reference agency, on payment of a modest fee, a copy of all information about them held by the agency. In the United States, similar provisions are contained in the Fair Credit Reporting Act. In New Zealand, the general practice — a voluntary one on the part of the credit reference agencies — has been to allow people access to their credit files if they are denied credit and are informed, or otherwise discover, the source of the adverse report. Where a person wants access to his or her file simply ‘‘out of interest,” access is denied on the ground of cost in terms of staff, time, and other resources. Mr Palmer acknowledges that successive Ministers of Justice have had few substantiated complaints of agencies misusing information or failing to correct inaccurate information. He is on record as saying that most companies in this business in New Zealand “seem to have acted responsibly in dealing with complaints.” The nub of the issue here, surely, is that the information should be accurate, and not whether it should be gathered, held, or communicated to other parties. Applicants for credit are putting themselves in the commercial domain and, if there is a credit record, have done so before. No-one would seriously suggest that individuals applying, say, for medical or life insurance should not be obliged to reveal all relevant personal information, including that which may be sensitive or embarrassing, as part of their side to a contractual agreement. Nor could it be argued seriously that insurance companies should be denied the right to obtain full medical reports on those applying for life or medical insurance, the traditional confidentiality of the doctor-patient relationship notwithstanding. Why, then, should .companies advancing goods on hire-purchase, or making loans to pqople, or in any risking their real

property on the creditworthiness of an individual, be denied the relevant history of that person’s credit dealings? Early last year it was reported that members of the Stock Exchange were intending to establish a national blacklist of people who had defaulted on paying their sharebrokers. This example is cited by the report as an instance of potential harm to individuals from the sharing of “private” information. Provided always that the list is accurate, the only harm that could come to a person so listed is selfinflicted, and the report’s concern for these individuals is difficult to understand and impossible to support. In most commercial applications of data about individuals, the information is not intrinsically personal but rather an encapsulation of a person’s deeds or misdeeds in previous contractual undertakings. It is useful not only of itself, as a record of a person’s reliability in the past, but also as a check on a person’s honesty in the present, by confirming or disproving that all relevant information has been disclosed in a current application for credit. As long as the potted credit history — for that is what it amounts to, whether details are available or simply a triple A to C minus classification — there can be no reasonable objection to its dissemination. The only ones to suffer by the spreading of the news will be those with something to hide. To preclude the compilation and exchange of this information, or to put too ponderous complications in the way, would be little more than an invitation to greater fraud and to greater overcommitment by those who can least afford it. Given the lack of examples of abuse of these private data bases, the determination of Mr Palmer to legislate one way or the other sits awkwardly with his professed objection to legislating against things that simply arouse suspicion — a tendency that Mr Palmer considers, moreover, to exhibit a misplaced if touching faith in the efficacy of legislation. A legal prohibition on the exchange of credit information, for instance, without the consent of the individual to whom it applies, will soon be met by a blanket “small print” clause in all credit applications, similar to the consent to exchange of information between banks contained in some applications for credit cards.

It might be considered prudent that the existing practice, by which individuals can discover the nature of credit information on them and get it corrected where necessary, should be given the force of law. With the number of models available, drafting a suitable statute should not prove difficult. Attempts to confer ownership of information by law, or to create a regulatory maze based on licensing in accordance with a general tort of privacy, venture into hazardous waters of an entirely different sort. The need to do so has not been demonstrated, other than the far from convincing proposition that a lot of other countries have made troubles for themselves by trying to control the exchange of information.