Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Show items from between:

Latest in Media releases and statements

Displaying 81 - 100 of 255

Privacy Commissioner appointment

The outgoing Privacy Commissioner Marie Shroff today welcomed the announcement of John Edwards as her successor as Privacy Commissioner.

Websites need to improve privacy information: Privacy Commissioner

Websites and apps that collect people’s personal information could do much better in telling people that they are doing it, why they are doing it and how securely the information will be held, says Privacy Commissioner Marie Shroff.

Ms Shroff was commenting on the results of the first Global Privacy Enforcement Network (GPEN) Internet Privacy Sweep which took place earlier this year on May 6-12. The sweep or survey of websites and apps is an example of international privacy enforceme...

New Cloud Computing Code of Practice : statement

Privacy Commissioner Marie Shroff welcomed the latest release of the Code, saying: “It's important for consumers looking into cloud computing to understand and assess the risks involved and make sound judgments. By setting a standard for local cloud providers to follow, the code makes sure that participating providers will give the right information to consumers to help them make good decisions. This is a very positive initiative from the Institute of IT Professionals (IITP) and I hope it w...

Wake-up call for government sector on privacy and security - GCIO report release

The newly released GCIO report is “a wake-up call to the government sector”, said Privacy Commissioner Marie Shroff. It reveals systemic weaknesses in the way privacy and security have been managed across the government sector.

“While departments are keen to make use of personally-linked data, the Report shows that they haven’t yet got their heads around how to handle it properly. I welcome the recommendations in the report. They are strong and comprehensive and will require so...

Media release: Websites leave children and parents guessing

A recent scan of school websites and some popular children’s game sites showed there is often no information given to users about how their personal information collected via the site will be used and shared.

The scan was part of an international “internet sweep” day, involving the New Zealand Privacy Commissioner and other overseas data protection offices in the Global Privacy Enforcement Network (GPEN).

“Each participating office selected a range of websites to scan. T...

Credit code amended - disclosure allowed for serious threat : media release

The Credit Reporting Privacy Code rules about the use and disclosure of credit information about serious threats are being changed, to reflect a recent Privacy Act amendment.

“The changes mean that credit providers can now feel more confident about whether to release information.  They can look at how serious a threat is, how likely it is to occur and how soon it might happen, before deciding to disclose to someone who can help prevent it,” Privacy Commissioner Marie Shroff said.<...

Statement from Privacy Commissioner Marie Shroff about EQC breach

The Privacy Commissioner Marie Shroff said today that public sector agencies needed to have stronger controls in place when handling spread sheets of personal information.

“The EQC breach is yet another incident involving inadvertent disclosure of large amounts of personal information on a spread sheet. We hope that agencies are starting to realise that they should have stronger controls in place to help to prevent these types of mistakes. But they clearly have a way to go yet.”

Privacy Commissioner amends health code to protect newborn blood samples : media release

Privacy Commissioner Marie Shroff has strengthened the Health Information Privacy Code 1994 to improve legal protections around newborn babies’ bloodspot samples.  These samples are collected as part of a national newborn metabolic screening programme, also called the heelprick or Guthrie Test. The samples are held permanently unless parents request their return.  The amendment will restrict how information derived from the samples may be used and disclosed.

“DNA testing is getti...

Privacy Commissioner issues Civil Defence National Emergencies (Information Sharing) Code 2013 : Media Release

Privacy Commissioner Marie Shroff today issued a code of practice that permits broad information sharing in the event of national emergencies.

"When a national emergency strikes, response agencies need to be certain whether they can share information with others," said Ms Shroff. "The last thing they need is to spend time second-guessing. And agencies that are planning for future emergencies have to be certain what the law will allow them to do, so they can factor that into their plann...

Making the right choices in cloud computing - new Privacy Commissioner guidance

The Privacy Commissioner today released guidance material for small to medium sized businesses (SMEs), to help them protect personal information when using cloud computing. 

"Businesses today are increasingly turning to cloud computing, but many are flying blind with the range of options, providers and risks. Shifting to the cloud can often make really good sense. But responsible businesses will always want to be sure that their client and staff information will be safe. We saw a gap...

Privacy Commissioner allows limited use of credit reporting information for anti-money laundering regime : media release

Privacy Commissioner Marie Shroff has amended the Credit Reporting Privacy Code to allow limited use of credit reporting information for anti-money laundering (AML) purposes.

From 30 June 2013, banks, finance companies and credit insurers will be required to verify their customers' identities, to make sure they are trading with real people who have a known history. The amendment means that these companies will be able to check customers against the credit reporting system to verify t...

European Union endorses New Zealand Privacy Act : media release

20 December 2012

Privacy Commissioner Marie Shroff today welcomed the announcement that the European Commission had formally decided that New Zealand's Privacy Act offers an adequate standard of data protection for the purposes of European law.

"The European decision is a vote of confidence in our privacy law and regulatory arrangements. This decision establishes New Zealand, in the eyes of our trading partners, as a safe place to process personal data."

The Offi...

Report shows leadership gap in MSD client information handling : media release

6 December 2012

'The Deloitte report on MSD makes it very clear that there is a need for strong leadership by senior management on the way client information is handled within MSD,' said Privacy Commissioner Marie Shroff, commenting on a report into the data breach at Work and Income public access kiosks.

'MSD has a huge and challenging role in delivering essential services to many New Zealanders. The Ministry is a mega-store of personal details and could be leading the way for in...

Privacy Commissioner's Annual Report 2012 - The Year of the Data Breach : Media release

28 November 2012

"This year has been marked for us by major public sector data breaches. Notable were the ACC spreadsheet breach in March and MSD kiosk breach in October. These losses of data have highlighted the urgent need for far better security and respect by government agencies for New Zealanders' personal information," said Privacy Commissioner Marie Shroff when she released her Annual Report today.

"The public sector can't afford to be complacent. It's quite clear that ag...

Privacy Commissioner releases credit reporters first assurance reports : media release

27 November 2012

Privacy Commissioner Marie Shroff today released the first compliance assurance reports submitted to her office by the national credit reporting companies.

Under a new requirement of the Credit Reporting Privacy Code, credit reporters are required to file assurance reports each year with the Office of the Privacy Commissioner. The companies must involve an independent expert in the process of preparing their reports.

"The reports were all submitted on ti...

Media Release: Google confirms NZ Street View 'payload' data destroyed

20 November 2012

Privacy Commissioner Marie Shroff received confirmation yesterday that Google has destroyed all the information collected from unsecured WiFi networks during its Street View filming in NZ.

Google had earlier informed the Privacy Commissioner that 'payload' information had been securely destroyed, but after more checks it found one disk that contained New Zealand and Australian information.

'We're pleased to see the certificate from an independent agency...