False identities were used by a right-wing lobby group to make Official Information Act requests of a government agency.Of course they do. So does every serious requester. In fact, I would be extremely surprised if the Herald's David Fisher, who produced this article, hadn't done it himself. As for why, the reason is simple: because there is a well-founded perception that agencies treat requesters differently based on who they are and the reason they believe they are requesting information. A request from a journalist or advocacy group may be delayed, transferred, or see as much information withheld as possible, while a request for exactly the same information from a random member of the public will see it speedily released. So regular requesters often pretend to be other people to get the information they are seeking.
The Herald uncovered evidence showing people seeking information for the NZ Taxpayers' Union did not actually exist - and that numerous email addresses from its purported members were actually directly linked to its head office.
One single Taxpayers' Union email address was linked to nine ghost people who filed OIAs seeking information, including details later used by the lobby group to seek publicity.
The Herald approached the Taxpayers' Union for comment. It refused to talk for two days then issued a statement admitting it used bogus identities to make OIA requests.
Its a practice as old as the OIA itself. I recall reading an ancient article about the toxic days of the Fourth Labour Government, where people in one Minister's office were having to make pseudonymous OIA requests to find out what other Ministers were doing. Nowdays, with email and FYI, its trivially easy. Make a throwaway account, file OIA request, wait 20 working days. Its only problematic if the agency is one which uses eligibility requirements as a barrier, or if you want to complain to the Ombudsman later.
Is it legal? The Law Commission noted in its 2012 review of the Act that there's no requirement for requesters to provide their real name, and agencies would have no way of knowing if they did anyway. It therefore made no recommendation on the matter. The Ombudsman is on record (in their submission to that review (Q45)) that there should be no requirement for requesters to state their real name. So its certainly not seen as a problem by those responsible for upholding the OIA regime.
In other words, rather than some weird and underhand practice, its a common OIA tactic, and likely used by the journalists themselves. Rather than investigating it, maybe the Herald should be looking at why it is necessary, and campaigning for a better freedom of information regime, rather than persecuting those struggling to make it work.
(Meanwhile, the Herald's investigation seems pretty dubious itself. They obtained the email addresses of requesters, though its not clear how, and then attempted to hack the accounts to learn their password reset emails. FYI is on record as saying they did not provide the addresses, and I think there's interesting questions to be asked about how the Herald did it...)
Edit (4/10/18): David Fisher has got in contact to assure me that he has never made a pseudonymous OIA request. I guess I get to be surprised then.