On 1 December 2020, New Zealand’s privacy law came into force. This new law replaces the Privacy Act, 1993. This is an important step taken by the New Zealand government to be on par with the EU in terms of privacy laws.
Some of the important features of the Act are as follows:
- The Act provides for the protection of Personal Information as defined in the Act.
- The Act incorporates guidelines from the OECD and ICCPR (International Covenant on Civil and Political Rights)
- Scope of the Act: The Act applies to
- A New Zealand agency
- An overseas agency
- An individual who is not ordinarily resident in New Zealand but who has collected personal information in New Zealand or personal information held by the individual in New Zealand
4. Personal information as defined in the Act means information about an identifiable
individual; and includes information relating to a death that is maintained by the
Registrar-General under the Births, Deaths, Marriages, and Relationships Registration
Act 1995 or any former Act (as defined in section 2 of the Births, Deaths, Marriages, and
Relationships Registration Act 1995)
5. The Act provides for an appointment of a Privacy Commissioner who shall act
independently.
6. Similar to the Australian Privacy Principles, the Act also provides for Information Privacy
Principles
7. The Act enshrines the principles of access to information and correction of personal
information similar to the GDPR
8. The Act lists the procedure of making a complaint by an individual in case of interference
of privacy by an agency.
9. The Privacy Commissioner may refer certain complaints to the Human Rights Review
Tribunal.
10. A serious privacy breach has been termed as a Notifiable Privacy Breach
11. As per the Act, agencies can share information with each other by way of information
sharing agreements
12. Personal information from New Zealand cannot be transferred to another country.
Reference:
-legislation.gov.nz