Story image

Parliament supports NZ's Privacy Bill during first reading

11 Apr 18

New Zealand’s proposed Privacy Bill is going through the first round of debates in Parliament this week, with the support of all sitting MPs.

Justice Minister Andrew Little opened the first reading with an introduction describing the Bill and how it must be able to cope with the new challenges of protecting personal information.

“The purpose of the Bill is to promote and protect people’s privacy and to give them confidence that their personal information is properly protected. The current Privacy Act was enacted 25 years ago. Since then, information technology has revolutionised how we deal with personal information. Collecting, storing, and disclosing more personal information than ever before using social media, e-commerce, and to connect to devices, cloud storage, and other new technologies.”

He says that early identification and prevention of privacy risks rather than remedies after the fact are required. The Bill also upholds the 12 current privacy principles.

“One of the key reforms in the Privacy Bill is a new requirement for agencies to report privacy breaches. A privacy breach is any unauthorised access to, or disclosure, loss, or destruction of, personal information. It can also include a ransomware attack.”

Failure to disclose breaches may come with fines of up to $10,000.

Little continues to discuss how people need to be aware if their information is breached; how the Privacy Commissioner needs new capabilities to enforce compliance and other powers.

Speaking about safeguards to New Zealanders’ personal information sent or held overseas, a New Zealand agency must be responsible for that data. Little paraphrases,

“Lies and social media can be halfway around the world while the truth is still strapping its shoes on.”

“The select committee process is very important and I urge all New Zealanders with an interest in privacy as an issue to come forward and to have their say on the Bill. It will be important for the Bill to have maximum scrutiny; not just from members of this House, but all citizens.”

National MP Christopher Finlayson talked about the 1993 Privacy Act’s importance in shaping law for the last 25 years, but we now live in a different age.

“New technologies have rapidly advanced the type, the quality, and the quantity of personal information available to governments and businesses. I think this Bill is going to go some way to modernising our privacy legislation and reflect these technological changes.”

“I’d like to know how the reforms as to how the approved information sharing mechanisms work and whether or not we can improve on those.”

Minister of Broadcasting, Communications and Digital Media Clare Curran took the time to explain that while other law reforms such as the Search and Surveillance Act, Telecommunications Interception Capability and Security Act passed through law, what was left behind was privacy law reform.

“By their very nature, revolutions cause momentous disruption. The digital revolution has occurred, particularly over the last seven years, much has changed. But the protections of people’s privacy has not been modernised and has not had a value put on it. That is why this is so important.”

“Having the individual and the importance of their personal data as the key purpose of this new Act is a very powerful statement for our citizens. It sends a clear message that this government sees people as central to the business of government and keeping them safe is the point of the work that we’re doing.”

She also mentions that trust is vital to democracy. People need to know that their information is safe and used for legitimate purposes, particularly when algorithms are drawing on their data; as well as frameworks in place for when trust principles are breached.

National MP Maggie Barry expressed dismay that the proposed Bill has removed some requirements including a breach penalty fine of up to $1 million, issues around data portability, compliance monitoring, and controls around the re-identification of data, adjusting criminal offences, and informing the public register on privacy principles.

Labour MP Priyanca Radhakrishnan supported the themes of digital change and the importance of updating New Zealand’s privacy laws.

“Under this particular Bill, if someone’s privacy is breached they can complain to the Privacy Commissioner. The change that this bill will bring about is that the Privacy Commissioner’s role is strengthened,” Radhakrishnan says.

“It gives the role a bit more teeth because the Commissioner who then attempts to resolve the dispute can make a decision. If the person is not happy with the decision that’s made, it can be appealed to the Human Rights Review Tribunal.”

She notes that ransomware attacks and cybercrime are significant to the Privacy Bill because personal information can be stolen and used to commit identity fraud.

Other speakers included Darroch Ball, Chris Bishop, Golriz Ghahraman, Shane Reti, Nick Smith, Raymond Huo, Mark Mitchell, and Tamati Coffey.

Read more about New Zealand's Privacy Bill here.

How blockchain will impact NZ’s economy
Distributed ledgers and blockchain are anticipated to provide a positive uplift to New Zealand’s economy.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Human value must be put back in marketing - report
“Digital is now so widely adopted that its novelty has worn off. In their attempt to declutter, people are being more selective about which products and services they incorporate into their daily lives."
Wine firm uses AR to tell its story right on the bottle
A Central Otago wine company is using augmented reality (AR) and a ‘digital first’ strategy to change the way it builds its brand and engages with customers.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Protecting organisations against internal fraud
Most companies tend to take a basic approach that focuses on numbers and compliance, without much room for grey areas or negotiation.
Telesmart to deliver Cloud Calling for Microsoft Teams
The integration will allow Telesmart’s Cloud Calling for Microsoft Teams to natively enable external voice connectivity from within Teams collaborative workflow environment.
Jade Software & Ambit take chatbots to next level of AI
“Conversation Agents present a huge opportunity to increase customer and employee engagement in a cost-effective manner."