Council recently breached the privacy of over 200 people in just the click of a mouse.
It is so easy to do and something we often don’t give much thought to. An email was sent to over 200 people about a Council project and the external recipients were not bcc’d into the email. Instead the email was sent to all the recipients in the normal way we send an email to anyone. That then meant that every external recipient was able to see all of the other recipients’ email addresses.
While some may consider this is not a major breach of privacy and there are different views on what constitutes personal information, privacy legislation does not permit us to assume an individual’s circumstances, nor assume how significant a breach is, nor should we. Council and Council officers, as custodians of information on behalf of the Greater Dandenong community, must never assume that we know how much an individual’s right to privacy means to them and we all need to be vigilant when we have mass emails to send, particularly to external recipients.
So please be cautious when you are sending out mass emails to residents and external recipients – check your work and check that everything, particularly all the recipient’s email addresses, are in the right place. Never send someone’s email to anyone else without their consent. (This does not apply to internal emails that you may cc to many officers within the organisation.)
If you are confused about this article or would like more information, please do not hesitate to contact Council’s Information Privacy Officer, Lisa Roberts on 8571 5216.