The government of New Zealand has proposed a new bill that will repeal the Privacy Act of 1993. The bill known as the Privacy Bill was introduced on 20th March 2018, with a view to promoting the people’s confidence that all their personal information will remain secure and receive the proper treatment. It is also expected that the new law will introduce stringent and punitive measures for those who violate the privacy of others.
What Is The Privacy Bill of New Zealand?
Features of the Bill
If the bill gets accepted and is converted into law by the parliament of New Zealand, all private and public sector agencies would henceforth have to notify all individuals coming under the purview of the law as also the Privacy Commissioner, if such individuals are negatively affected by a harmful data breach.
This proposed Bill also has provisions for accepting two categories of complaints which an affected individual or his representative may lodge: First, if an individual’s complaint alleges that an agency’s action has indeed interfered with his privacy; and secondly, if the complaint is about a cross-section of the public getting affected.
The Bill is also expected to grant significant powers to the country’s Privacy Commissioner, who will be responsible for regulating the collection, disclosure, and use of private information on all New Zealand citizens and enhance the speed of information gathering and sharing in a digital age.
The Bill has already directed various concerned agencies to take appropriate steps for ensuring that any information that crosses national borders must adhere to its privacy laws.
The Bill shall empower the Privacy Commissioner to take decisions on requests for information access instead of the Human Rights Review Tribunal. However, his decision may be overruled or appealed on at the Human Rights Tribunal.
The Commissioner shall also be empowered to issue compliance notices to violators, which will be enforced by the Human Rights Tribunal. The Bill has made it compulsory for any privacy breach to be reported at once.
However, the country’s legal experts feel that New Zealand still lacks stricter laws for punishing those who thumb their noses at existing regulations. The Privacy Commissioner had even suggested in 2016 that heavy fines of up to $1m be imposed for any serious breach of the existing Privacy Act.
Once the Bill is enacted, all New Zealand-based agencies will have to ensure that any personal information that is disclosed overseas shall comply with set privacy standards. The law will also be applicable to any overseas service provider engaged by a New Zealand-based agency.
The Bill also states that deliberately misleading any agency in such manner that it adversely affects a third party’s information as also knowingly destroying documents for which a request has been placed and which contains personal information on an individual, will henceforth be deemed to be a criminal offense. Subsequently, the penalty would be a fine of up to $10,000. This is a lot of money.
According to the Bill, the Privacy Commissioner’s existing investigative powers will be enhanced as he shall be at liberty to shorten a time frame within which agencies must comply and failing which, would face higher penalties for non-compliance.
Why is the Law Being Changed?
It may be recalled that earlier on, even though New Zealand was adversely impacted by a data breach situation, it did not have such mandatory regulations on data breach situations.
In the first quarter of 2018 only, data breach incidents in excess of 500 have already been reported. Moreover, from 180 such complaints, it was evident that all age groups have been affected. The overall financial losses too were high at nearly $3 million, which turned out to be more than half of the losses reported in 2017.
The New Zealand government has recently decided to start building a suitable framework to protect its citizens’ rights to privacy of their personal information and also to establish a standard for privacy protection and maintenance that matches international standards.
These also include standards set by the OECD or Organization for Economic Co-operation and Development and the ICCPR or International Covenant on Civil and Political Rights.
The New Zealand government has asked for the opinions of citizens on the Bill with a hope that it will be enacted from 2019 onwards. This has been termed a once-in-a-generation opportunity to modernize the country’s privacy framework and both the New Zealand Parliament and government are going full throttle on it.
Australia Showed the Way
Australia has also changed its privacy regulations with effect from February 2018. This was done on a war footing as the continent was badly hit by a series of high profile data breaches, the most notable of which was the PageUp takedown. The Australian-based company, PageUp powers recruitment and job sites for its clients the world over, experienced a serious breach.
You can always take matters in your own hand when it comes to online security and privacy. Signing up with a VPN service provider has become a must these days. Take a look at our list of best VPNs for New Zealand to get a better idea of how exactly a VPN can help you protect your private data while browsing the web.