A Bill introduced by Justice Minister Hon Andrew Little to replace New Zealand’s Privacy Act has had its first reading.
“The protections in the Privacy Bill are vitally important. The key purpose of the reforms is to promote and protect people’s privacy and give them confidence that their personal information is properly protected.
“The Bill gives the Privacy Commissioner new powers. It allows the Privacy Commissioner to issue notices requiring an agency to comply with the Act, or direct them to provide access to a person’s information.
The Bill increases privacy protections for cross-border data flows, by requiring agencies to take reasonable steps to ensure personal information disclosed overseas will be subject to acceptable privacy standards.
“Under the Bill, it will be an offence to mislead an agency in a way that affects someone else’s information. It will also be an offence to knowingly destroy documents containing personal information where a request has been made for it.
“The Privacy Bill implements recommendations made by the Law Commission in 2011. The Law Commission found that it needed updating to better address the challenges of the digital age but overall the Act’s principles were sound.
“The Privacy Act has been in operation for over 25 years. Over that time, technology has revolutionised the way personal information is collected, stored, shared and used.
“The Bill retains the Privacy Act’s flexible, principles-based framework, and introduces new reforms to encourage agencies to earlier address privacy risks.
“The Bill will require public and private sector agencies to notify affected individuals if they experience a data breach which poses a risk of harm. Agencies must also notify the Privacy Commissioner.
“Data breaches can have a significant effect so it’s important people are aware of what has happened to their personal information. After its first reading, the Bill will be referred to the Justice Select Committee for consideration,” says Andrew Little.