Story image

Do we need social media laws?

01 Oct 10

Many small businesses handle other people’s personal information on a daily basis – such information can be vital to e-commerce. New laws have been passed recently regarding the handling of such information, especially on an international scale. Yet concern is growing that the new ways of communication brought about by the internet are spawning careless attitudes towards privacy.

Legislation just passed by New Zealand’s Parliament ensures that personal data sent to New Zealand from overseas is subject to New Zealand’s privacy protection. The Privacy (Cross-border Information) Amendment Act enables individuals and businesses to assure their trade partners that New Zealand law protects their privacy.

The law allows the Privacy Commissioner to prohibit data received from overseas being transferred outside New Zealand to a jurisdiction without adequate privacy protection. This previously required special contractual arrangements, which were costly and regarded as a disincentive for overseas entities thinking about doing business in New Zealand.

However, one area where personal information can flow freely – sometimes without regard for the consequences – is now under scrutiny, with suggestions that regulation may be required.

Social networking is now a major marketing tool for businesses. A page on Facebook or LinkedIn is a cheap and quick method of boosting a company’s profile, and keeping customers or clients up to date with new developments. But technology analyst Ovum is suggesting that the use of social media by organisations when dealing with the public needs regulation to protect sensitive information from being divulged by blundering staff. Ovum also believes that peer to peer support conducted via social media should be monitored, to ensure that customers do not unintentionally pass on incorrect information.

"While social media should still allow customers to interact and express themselves, we believe that they need to be protected from having sensitive information spread on the internet by staff who may not understand how to treat such inquiries,” said Ovum analyst Aphrodite Brinsmead. "For these reasons, we believe regulations are a necessary evil.”

Brinsmead also believes businesses need to stop "experimenting” with social media and put formal strategies in place. That view is partly shared by New Zealand’s Assistant Privacy Commissioner, Catrine Evans. She says companies that maintain social network pages should make this the responsibility of one person, and they should also have a clear policy on posting information that is read and understood by all staff. Evans is reluctant, however, to back the notion of specific laws on social media.

"Any form of regulation needs to be carefully managed,” she says. "You don’t want your regulatory rules to effectively require greater intrusion into privacy.

Regulation should be appropriate to the problem and adequate to fix it. "Regulation might in certain fields be able to give you certainty, but the regulation has its own costs for businesses as well,” Evans says. "So I think we’re at a crossroads to be honest – we’ve got to get the balance right. Regulation and regulators may have a part to play, but so does the market. Users need to say what they’re prepared to accept, but if users don’t know what’s going on they can’t make that calculation, so companies themselves need to be much more open about what they’re doing and it’s how best to achieve that.”

The Law Commission is currently reviewing our privacy laws, and the Privacy Commission will soon produce some simple checklists enabling people to identify privacy issues. They’ll be published on its website ( The aim is to make people more aware of what they’re giving up to public view when they post information on social networks. Businesses need to take more care too – then hopefully we won’t need more regulations.

How blockchain will impact NZ’s economy
Distributed ledgers and blockchain are anticipated to provide a positive uplift to New Zealand’s economy.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Human value must be put back in marketing - report
“Digital is now so widely adopted that its novelty has worn off. In their attempt to declutter, people are being more selective about which products and services they incorporate into their daily lives."
Wine firm uses AR to tell its story right on the bottle
A Central Otago wine company is using augmented reality (AR) and a ‘digital first’ strategy to change the way it builds its brand and engages with customers.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Protecting organisations against internal fraud
Most companies tend to take a basic approach that focuses on numbers and compliance, without much room for grey areas or negotiation.
Telesmart to deliver Cloud Calling for Microsoft Teams
The integration will allow Telesmart’s Cloud Calling for Microsoft Teams to natively enable external voice connectivity from within Teams collaborative workflow environment.
Jade Software & Ambit take chatbots to next level of AI
“Conversation Agents present a huge opportunity to increase customer and employee engagement in a cost-effective manner."