New Zealand Keeps Doxxing Registered Gun Owners

A data breach in New Zealand exposed the personal information of some of the country's gun owners, and not for the first time. It's another indication of how even well-intended government policies can become civil liberties nightmares.

After the 2019 mass shooting at a Christchurch mosque, the country enacted a series of reforms intended to prevent such tragedies in the future. Along with a ban on most semi-automatic firearms and a gun buyback that netted more than 50,000 weapons, one provision empowered New Zealand's Firearms Safety Authority to "effectively regulate the legitimate possession and use of firearms." In other words: a national "firearms registry" that will "link firearms to licence holders, so there is a clear picture of the legally held firearms in New Zealand and improved ability to trace firearms," according to Executive Director Angela Brazier.

Last week, a joint email went out from the Firearms Safety Authority and the Auckland Central Police District to 147 registered gun owners, advising them that their addresses might need to be updated. Unfortunately, the emails were all listed in the CC field instead of the BCC field, which would be hidden. As a result, each recipient of the email not only saw every single other recipient's email address but, in many cases, first and last names as well.

As The New Zealand Herald noted, "The visible addresses included various prominent Auckland residents, including lawyers, company directors, police officers and government officials."

This is not the only, or even the most severe, breach of New Zealand gun owners' data in recent memory. During the 2019 gun buyback, the government set up a website for gun owners to register their weapons for relinquishment. Police later admitted that visitors to the site could easily access other registrants' personal information, including names, addresses, dates of birth, and bank account information. And in 2022, thieves stole as many as 400 gun owners' records from an abandoned police precinct after police officials neglected to destroy the files before moving operations to a new building.

In the U.S., national gun owner registries are prohibited by federal law, though they do exist in some form in certain states, and some progressive lawmakers and advocates support wider adoption. Giffords, the gun control advocacy organization named for former Rep. Gabrielle Giffords (D–Ariz.) who was shot and nearly killed while in office, says registries are "a useful method of curbing illegal gun activity and encouraging responsible gun practices." Sen. Cory Booker (D–N.J.) proposed a national licensing system for gun owners in 2019 as part of his presidential campaign platform.

Gun owners would have reason to fear that a registry today could be used to confiscate guns tomorrow. Not to mention, a plan like Booker's would require the federal government to keep accurate and copious records so as not to accidentally arrest the wrong person—not exactly its strong suit. There's also the issue of noncompliance: In New Zealand, it's estimated that somewhere between one-third and one-half of all newly forbidden weapons were actually turned in. In neighboring Australia, often touted as an example of gun control done well, only about one-fifth of banned weapons are estimated to have been turned in.

But the events in New Zealand demonstrate an underappreciated downside to government registries: the possibility that such a mass of personal information could be leaked or otherwise improperly accessed. Nicole McKee, firearms spokesperson for New Zealand political party ACT, told The New Zealand Herald that the latest leak "shows once again that police are incapable of keeping licenced firearms owners' information secure."