350 Qld border-pass applicants caught in police privacy breach
350 Qld border-pass applicants caught in police privacy breach
Matt Dennien
By Matt Dennien
October 10, 2021 — 1.05pm
Save
Share
Normal text sizeLarger text sizeVery large text size
For our free coronavirus pandemic coverage, learn more here.
Advertisement
The Queensland Police Service has again been caught up in a privacy breach, this time involving the email addresses of more than 350 people – including AFP, Defence and Queensland Health staff –trying to return to Queensland.
The border-pass applicants were among thousands of people seeking to enter Queensland from interstate COVID-19 hotspots under tight border restrictions.
A screenshot of the email sent out on Saturday afternoon, which inadvertently revealed the addresses of the more than 350 recipients to one another.
A screenshot of the email sent out on Saturday afternoon, which inadvertently revealed the addresses of the more than 350 recipients to one another.
Last week, the state government quietly began inviting some of the applicants to take part in a home quarantine trial, with strict eligibility criteria including a requirement that participants be fully vaccinated and live in the state.
The first of an expected 1000 participants – also required to fly into Brisbane Airport and spend their 14-day quarantine period in one of eight local government areas deemed to be within safe driving distance without stopping – were expected to begin arriving from Monday.
But while sending one batch of invitations on Saturday, Queensland Police inadvertently revealed the emails of more than 350 invitees to each other in a group email that failed to use the blind carbon copy, or BCC, function, which conceals a person’s email address to other recipients.
RELATED ARTICLE
A public health alert was issued on Tuesday for 10 new sites of varying risk at Brisbane’s domestic airport.
Updated
Coronavirus pandemic
Qld approaches residents awaiting return for home quarantine trial
Among those the police border-pass workforce sent the email to – which also urged recipients not to share the email with any other returning Queenslanders – were several addresses with AFP, federal Defence Department and Queensland Health domains, clearly identifying the account holders.
The breach is similar to one in September last year involving Australians stuck overseas who were contacted by the Department of Foreign Affairs and Trade about interest-free loans for those who had been financially hurt by delays caused by the cap on citizens returning to Australia.
In a statement, a Queensland Police spokesman said when the service became aware of the mistake on Saturday afternoon, it recalled the group email and deleted unread emails.
Advertisement
He said early investigations suggest “human error” was behind the bungle, and he stressed that “no other personal information” was revealed.
“The QPS immediately contacted officers in the Queensland border-pass workforce to remind them of the importance of double-checking emails, and the high value and importance the QPS places on maintaining the privacy of our stakeholders,” the spokesman said.
The QPS has been at the centre of several privacy breaches in recent years, including the use of a now-closed loophole in the Check In Qld app, a similar email slip-up involving gun owners, and passing too much information about an ADF reservist’s arrest to the department.
Another high-profile case involved the leaking of a domestic violence victim’s address to her former partner. The officer involved, Senior Constable Neil Punchard, resigned from the force this month after an almost three-year court battle.
Matt Dennien
By Matt Dennien
October 10, 2021 — 1.05pm
Save
Share
Normal text sizeLarger text sizeVery large text size
For our free coronavirus pandemic coverage, learn more here.
Advertisement
The Queensland Police Service has again been caught up in a privacy breach, this time involving the email addresses of more than 350 people – including AFP, Defence and Queensland Health staff –trying to return to Queensland.
The border-pass applicants were among thousands of people seeking to enter Queensland from interstate COVID-19 hotspots under tight border restrictions.
A screenshot of the email sent out on Saturday afternoon, which inadvertently revealed the addresses of the more than 350 recipients to one another.
A screenshot of the email sent out on Saturday afternoon, which inadvertently revealed the addresses of the more than 350 recipients to one another.
Last week, the state government quietly began inviting some of the applicants to take part in a home quarantine trial, with strict eligibility criteria including a requirement that participants be fully vaccinated and live in the state.
The first of an expected 1000 participants – also required to fly into Brisbane Airport and spend their 14-day quarantine period in one of eight local government areas deemed to be within safe driving distance without stopping – were expected to begin arriving from Monday.
But while sending one batch of invitations on Saturday, Queensland Police inadvertently revealed the emails of more than 350 invitees to each other in a group email that failed to use the blind carbon copy, or BCC, function, which conceals a person’s email address to other recipients.
RELATED ARTICLE
A public health alert was issued on Tuesday for 10 new sites of varying risk at Brisbane’s domestic airport.
Updated
Coronavirus pandemic
Qld approaches residents awaiting return for home quarantine trial
Among those the police border-pass workforce sent the email to – which also urged recipients not to share the email with any other returning Queenslanders – were several addresses with AFP, federal Defence Department and Queensland Health domains, clearly identifying the account holders.
The breach is similar to one in September last year involving Australians stuck overseas who were contacted by the Department of Foreign Affairs and Trade about interest-free loans for those who had been financially hurt by delays caused by the cap on citizens returning to Australia.
In a statement, a Queensland Police spokesman said when the service became aware of the mistake on Saturday afternoon, it recalled the group email and deleted unread emails.
Advertisement
He said early investigations suggest “human error” was behind the bungle, and he stressed that “no other personal information” was revealed.
“The QPS immediately contacted officers in the Queensland border-pass workforce to remind them of the importance of double-checking emails, and the high value and importance the QPS places on maintaining the privacy of our stakeholders,” the spokesman said.
The QPS has been at the centre of several privacy breaches in recent years, including the use of a now-closed loophole in the Check In Qld app, a similar email slip-up involving gun owners, and passing too much information about an ADF reservist’s arrest to the department.
Another high-profile case involved the leaking of a domestic violence victim’s address to her former partner. The officer involved, Senior Constable Neil Punchard, resigned from the force this month after an almost three-year court battle.