Privacy law revision overdue

28 Apr 2018
Author: Andrea Twaddle

Recent interest in privacy law has spiked with the discovery that Cambridge Analytica used data obtained from Facebook to influence global politics, including the 2016 election of US President Donald Trump. The company improperly acquired data from Facebook users, prompting Facebook to ban the firm from its platform.

The Privacy Bill largely retains the structural elements of the current Act, however key provisions in the proposed Bill include the introduction of:

There have been significant technological advances since the Privacy Act 1993 was introduced, and the Cambridge Analytica situation shows that the revision of New Zealand’s privacy laws is long overdue.

This month, a Privacy Bill had its first reading in Parliament, and is intended to replace the 1993 Act. The Bill provides the Privacy Commissioner with greater powers to address failures by agencies to deal with personal information appropriately and is intended to restore public confidence that personal information will be kept secure and treated properly.

Complaints are ordinarily based on an alleged breach of one of 12 Privacy Principles. The principles include using information only for the purpose for which it was collected, enabling a person to access and correct their personal information, limiting disclosure of personal information and the obligation to keep information secure.



  • Mandatory reporting of privacy breaches: Agencies will be required to notify the Privacy Commissioner and affected individuals, in the event of a notifiable privacy breach as soon as practicable after becoming aware of the breach.
  • Criminal offences: for fraudulently accessing another individual’s personal information; or having that information used, altered, or destroyed; or for the destruction of documents, knowing that a request has been made in respect of that information.
  • Compliance Notices: will be able to be issued by the Privacy Commissioner to require an agency to do something (or stop doing something) to comply with privacy laws.

Ultimately, the Bill aims to modernise privacy legislation and to give the Commissioner greater teeth to enforce privacy rights and should achieve this. The Bill is expected to be passed into law by the end of the year.

(This article was first published by Cambridge News, 27 April 2018)



 
PrintBack
 
 
Privacy law revision overdue
About the Author
Andrea Twaddle
Andrea is an experienced specialist employment lawyer and Director at DTI Lawyers. She advises on contentious and non-contentious employment law issues, including privacy, and health and safety matters. Andrea is AWI-CH qualified, and undertakes complex workplace investigations. She is a former Council Member at the WBOP District Branch of the Law Society, and Coordinator of the WBOP Employment Law Committee. Andrea is a regular commentator on employment law issues and is frequently sought as a presenter at client and industry seminars, as well as for the provision of advice to other lawyers, professional advisors and leadership teams. You can contact Andrea at [email protected]