Story image

2018 a 'defining year for privacy', says NZ law firm

12 Apr 18

Law firm Simpson Grierson believes 2018 is shaping up to be a ‘defining year for privacy’ as New Zealand’s Privacy Bill finally makes its way through Parliament and the Select Committee.

Data privacy is not only making the headlines because of its controversial use. According to Simpson Grierson, the Privacy Bill is intended to promote people’s confidence that their information is secure and will be treated properly.

Partner Sally McKechnie says the Bill, which will replace the Privacy Act 1993, reflects the recognition that firm guidance and tougher penalties are needed in the case of privacy breaches.

The law firm also commends the government's other initiatives such as the establishment of a chief technology officer and a Ministerial advisory group.

“The rise in use of ‘big data’ technologies will continue to present both opportunities and challenges for business and in government in 2018,” McKechnie says.

“In anticipation of this, the Government has recently outlined its priorities across digital technology, media and open government. It has also pledged to review and update a range of other legislation to include the wider effects of digitisation, and introduce a Digital Bill of Rights that will integrate with existing cornerstone legislation such as the Bill of Rights Act, the Crimes Act, the Privacy Act and surveillance legislation.”

Looking overseas, the law firm says that international cloud computing cases such as United States v Microsoft could act as a guide as to how data protection laws could be developed for New Zealand’s own businesses.

New Zealand’s own Privacy Commissioner filed a submission in the US Supreme Court about the case. He believes the US Government should not be able to rely upon US domestic search warrant legislation to access the data, rather than making a mutual assistance request to the Irish government.

“The United States Supreme Court recently heard oral arguments in this case, which concerns the execution of a US search warrant to access personal information held by Microsoft in an Irish data centre,” McKechnie says.

“This case will examine the cross-border reach of law enforcement agencies and how modern data protection laws operate. It could potentially have significant implications for both individuals and companies around the globe.”

“The implications of this case could impact the lives of all New Zealanders. We await the United States Supreme Court’s decision with interest.”

McKechnie notes that are other implications for New Zealand’s Privacy Bill, particularly in cases where breaches have resulted in complaints. She believes damages as a result of breaches are increasing.

She also says that the Office of the Privacy Commissioner reported that almost half of its cases are closed through settlements.

“With increasing delays and backlogs in the Human Rights Review Tribunal, indications are that aggrieved persons and organisations alike will increasingly look to early resolution through the Privacy Commissioner’s office,” she explains.

She also points to the ‘value’ of complaints, which have now become prone to disparity. The Kim Dotcom decision awarded $90,000 in damages, for example.

The Privacy Commissioner had to curb the trend by releasing guidance as to the value (monetary or other) of a complaint.

“This guidance will be a very useful resource for organisations responding to privacy complaints,” McKechnie concludes.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.