Story image

InternetNZ says the Privacy Bill is a good start, but New Zealand can do better

06 Jun 18

InternetNZ says the Privacy Bill currently in front of a select committee is a good start to revamping the Privacy Act, but it needs to go even further to be fit for the internet age.

Justice Minister Andrew Little says the Privacy Bill is designed “to promote and protect people’s privacy and to give them confidence that their personal information is properly protected.”

InternetNZ chief executive Jordan Carter says privacy matters more than ever in the age of big data and ubiquitous internet, but improvements are needed to keep privacy up to date.

"Privacy is an essential human right and the online world has brought many changes and challenges to how privacy works in the Internet age. This much-needed upgrade to our privacy law will help make our law fit for this decade and beyond,” Carter says.

InternetNZ adds that “The new Privacy Bill regulates the collection, use, and disclosure of information about individuals and has retained the Act’s 12 information privacy principles.”

Proposed changes include mandatory data breach disclosure with up to $10,000 fines for non-compliance, and the provisioning of more powers to the Privacy Commissioner.

Submissions on the Bill closed on May 24. Both the Office of the Privacy Commissioner and InternetNZ have made their submissions publicly available.

"We support the changes in the Bill but have also suggested some adjustments to make them more effective,” Carter says.

"Our submission introduces several new initiatives that are in part aimed at tackling developments since the Law Commission’s 2011 report, on which this Bill is based."

InternetNZ has suggested a number of changes, including:

Adapting ideas from the Europe’s GDPR and incorporating these where they make sense

Aligning Data breach notification rules to those of the EU and Australia

Giving New Zealanders a new right to know the purpose for which information is being held, as well as existing rights to the information itself (the ‘why’ as well as the ‘what’).

"With Europe’s General Data Protection Regulation (GDPR) in effect, and changing privacy standards around the world, now is the right time for New Zealand to update our own privacy protections." says Carter.

"We would like to see Parliament get our Privacy Law fit for purpose and to see Select Committee take additional submissions on further reforms.

"We would support a later report-back of this Bill, and an additional consultation period, to support that outcome.

Read our previous coverage of the Privacy Bill proceedings here:

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Apax Partners wins bidding war for Trade Me buyout
“We’re confident Trade Me would have a successful standalone future," says Trade Me chairman David Kirk
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.