A North Shore woman was left in a state of anxiety after receiving a text message from a stranger claiming to have obtained her number from the COVID-19 supermarket login paper.
The 23-year-old, who did not want to be identified, said she went grocery shopping at the weekend from Glenfield Countdown but was not carrying her phone and had to log in when entering the store.
Yesterday morning – two days later – I noticed a “horrible grammar” message from a number you didn’t recognize.
“Hey hw ru” was the unexpected salutation.
When she asked who was calling her, the mysterious person identified himself by his first name, revealing where they got her number.
“(Name withheld) I gt yr num frm Covid Tracer form.”
She said she took immediate measures to stop any further contact.
“I immediately blocked them,” said the newly committed young professional. “I don’t deal with this shit!”
This is the second time that a New Zealand woman has complained about the misuse of private contact details to achieve unwanted progress.
In May, a North Shore Subway employee was alleged to have harassed a customer by using contact tracing details to send her a message.
The woman “let Jess” feel “rough” and “creepy and vulnerable” after the man who took her command sent her an email, text, and requests on Facebook and Instagram.
An employee was suspended and the franchisee later implemented a digital contact tracing system that was only available if the Department of Health needed to track someone.
The supermarket shopper said he was very worried about an unwanted approach but felt it was best to speak out, fearing that the person had photographed the entire list and took an unwanted approach with other women.
She said, “It is a bit scary to receive text messages like this, especially since someone thinks it is appropriate to remove your information from something like this.”
Instead of approaching the store or privacy commissioner, I thought speaking out and raising this issue was sufficient measure to force change.
“And it should be sufficient for stores to know that they should not be displayed in open spaces,” she added.
The stores called for personal details to be better taken care of and protected from prying eyes. Many stores have login tracking lists with full public screen.
“I’m good at keeping things totally private but I think it can fall into the wrong person’s hands … You never know what people are going to do.”
Today’s Woolworths-owned supermarket encouraged women to contact them, adding a request for everyone to respect the privacy of other shoppers who needed to log in.
“We are very sorry to hear of this issue. We are happy to look into the matter in more detail and / or inform the police if the customer so desires,” a company spokeswoman said.
The paper forms were in the customer service desk, which meant that employees were generally able to monitor them.
Once the page was full, she said, the checkout team took her to the office, where it was locked away.
She said, “We ask our clients to respect the personal information of others when signing the paper search form so as not to discourage people from using it.”
The Office of the Privacy Commissioner advised the woman to file a complaint with the company.
If the company cannot resolve the issue to its satisfaction, then it can file a complaint with the Office of the Privacy Commissioner.
“Privacy law imposes obligations on organizations to keep personal information secure,” said Charles Mabitt, chief communications advisor.
Privacy Commissioner John Edwards explained that companies should only be custodians of information that is provided for public health purposes and it was about this kind of incident that might make the public wary of leaving out contact details.
“It is absolutely essential that companies deal with this information exclusively to manage the epidemic,” he said.
“If they allow their misuse by employees or clients, it undermines the entire system and could put people at risk.”
In a previous post, Mr. Edwards suggested companies should consider who needs to view the model.
“Should the 25th logged in person be able to see the name, phone number and contact details of the 24 other logged in persons?” he wrote.
“Maybe past entries could be covered, and ask everyone to move the lid down as they fill out the entry. There will be other ways to protect the information. For example, don’t let patrons photograph the record.”
The best way, he said, is to use the NZ COVID Tracer app to record movements.
This article originally appeared on NZ Herald and is reproduced with permission