PUBLICATIONS

Publications

Our lawyers keep up with the latest trends and issues in New Zealand law and business, and regularly publish articles and reports on current topics.

Email me when new articles are published

Legal update: Privacy Bill's slow progress

Written by David Alizade, PARTNER; Claire Godber, SENIOR ASSOCIATE on February 18th, 2020.    

Share
Download
 
Legal UpdatePNG

    Privacy Bill's slow progress

February 2020
 

NEED FOR STRONGER PROTECTION

The Privacy Bill (Bill) was introduced to Parliament in March 2018. The Bill is intended to update and modernise the current Privacy Act 1993 (Act) and will affect all organisations doing business in NZ that collect, use or hold information on individuals in NZ. 

Reform of the Act is long overdue and is needed to reflect and keep pace with the major technological developments that have occurred over the past 27 years – such as the rise of the Internet and new technologies such as E–commerce, social media and cloud storage.

NZ also needs more robust regulation of personal information to ensure NZ is in line with the global trend in privacy law reforms, such as Australia’s recent Privacy Act reforms, the OECD Privacy Guidelines and the EU’s General Data Protection Regulation (GDPR).

Unfortunately, the Bill has not gone as far as other reforms that have been adopted overseas, particularly the GDPR and the recent Australian reforms.

KEY CHANGES

While the Bill repeals and replaces the Act, it retains the key privacy principles of the Act.  The six key changes to the Act under the current Bill are:

1.    Mandatory reporting: Agencies are required to notify the Privacy Commissioner and affected individuals about any privacy breach that has caused, or is likely to cause, serious harm to the affected individuals.

2.   Compliance notices: The Commissioner has a new ability to enforce compliance by issuing compliance notices which can be enforced by the Human Rights Review Tribunal.

 

 
3.    Cross-border transfers: There is a new cross-border disclosure principle which regulates the transfer of personal information outside of NZ. 

4.    Information collected: There are tighter controls on the information that can be collected – agencies cannot require a person’s identifying information unless it is necessary for the lawful purpose for which they are collecting the information.

5.    New offences: There are two new criminal offences: misleading an agency to get someone else’s personal information, and destroying a document that contains personal information knowing it has been requested.

6.   Fines increased: Fines for breaches are increased from up to $2k to up to $10k – however this is a long way off the civil penalties of up to $1million that the Commissioner recommended.

NEXT STEPS

The Bill passed its second reading in August 2019 and is currently before the Committee of the Whole House.  The Bill was intended to come into force on 1 March 2020, but this is now unlikely given progress appears to have stalled.

For further information or to discuss how privacy laws may impact your business, please contact one of the Jackson Russell business lawyers listed.

 

     
Current progress of the billPNG

Disclaimer: The information contained in this publication is of a general nature and is not intended as legal advice.  It is important that you seek legal advice that is specific to your circumstances.

All rights reserved © Jackson Russell 2020

 

Key Contacts

David Alizade 167

David Alizade,
PARTNER



Claire FINAL
Claire Godber,
SENIOR ASSOCIATE
Topics: Business, Privacy
 
 

CONTACT US

Level 13, The AIG Building, 41 Shortland Street,
Auckland 1010, New Zealand

PO Box 3451, Auckland 1140
New Zealand

Telephone
+64 9 303 3849

Fax
+64 9 309 0902

Email
enquiry@jacksonrussell.co.nz