Stuff reports:
Waikato District Health Board has succeeded in court action to stop Radio New Zealand using data taken in a cyber-attack.
In a decision released on Wednesday, the health board has won an interim injunction through the High Court restraining Radio NZ from accessing stolen data without consent and to permanently delete that data or any copies.
Read more on Stuff.
I cannot say I am shocked by the injunction, as every country has its own laws and its own views on press freedom. And as I recently blogged, we knew that Commissioner Edwards was concerned about RNZ’s coverage. But I do wonder how this plays out on a global stage. The decision reportedly does not apply to previously published news stories but it is not clear from the judgement who the “secondary defendants” are and what happens going forward.
And how does this help at all if the data shows up on Raid Forums or xss.is or another forum where data tends to get dumped or shared? Does this decision really help Waikato protect confidential data or will it be viewed like waving a red flag at a bull and tempt more gray hats and black hats to disseminate the data?
I’ve located the court’s judgement concerning the injunction. I do encourage everyone to read it, as when you read the details, you may find yourself more sympathetic to Waikato DHB after reading how RNZ denied their request for more time to respond to inquiries and time to notify the child to prepare them and support them in anticipation of the story. I’m not sure I understand why RNZ felt that story couldn’t wait another day or two or three.
The decision can be found here:
Case name: Waikato District Health Board v Radio New Zealand
Update: Unsurprisingly, the Commissioner supports the action and issued the following statement:
The Privacy Commissioner supports the steps taken by Waikato District Health Board to protect against any further accessing or disclosure of information that was illegally obtained by cyber hackers as part of the ransomware attack on the DHB.
The Privacy Commissioner is considering applying for leave to intervene in any substantive hearing, given the important privacy interests raised by the proceedings.