This reporting would appear to raise quite significant ethical questions, and I would be concerned to think of journalists trawling through illegally obtained deeply sensitive personal information to identify and generate stories. The fact that one media source would appear to have done so may prompt others to do so – effectively creating a market for, and monetising, this very personal material.
It is essential that people – including media – respect the personal information of others. Any information which has come from the Waikato DHB ransomware breach is likely to be sensitive personal information, which is likely to cause a great deal of anxiety to the people affected.
Journalists should not be accessing this information and should in no case contribute to its more widespread dissemination. Doing so only adds to the distress of those whose personal information has been disclosed.
The Office of the Privacy Commissioner is currently considering whether the matter ought to be brought to the attention of the Broadcasting Standards Authority and/or the New Zealad Media Council.
SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA NUOVA ZELANDA