Office of the Privacy Commissioner | Privacy Act turns 25
New Zealand reaches a privacy and data protection milestone this year as the Privacy Act marks its 25 year anniversary.
The Act was passed by Parliament on 5 May 1993 with the support of both main political parties. It is New Zealand’s only comprehensive privacy and data protection legislation and has remained relatively unchanged since it was enacted.
There have been three Privacy Commissioners in that time – Sir Bruce Slane, Marie Shroff and the current Commissioner, John Edwards.
Mr Edwards says the Act is a tribute to the lawmakers of the time because the law has withstood substantial challenges. “The Privacy Act is a technology-neutral piece of legislation with a principle-based approach that has made it resilient in the face of technological changes. This approach has meant that it is not obsolete even 25 years later.”
But he said the current law is not as strong as it could be. Other OECD countries have been modernising their privacy and data protection laws, including Britain, Canada, Singapore and Australia. A setting example is the European Union’s General Data Protection Regulation (GDPR) which will take effect in May this year.
“One of the reasons other countries are updating their privacy laws is because of how interconnected the world is now. The speed and quantity of data that multinational companies shift around the world is a new development since 1993.
“New Zealanders are sending their personal information overseas multiple times a day by using Google, Facebook or Netflix. It’s important that our privacy laws are up-to-date and modern to accommodate escalating data flows and new technologies.”
Mr Edwards says the Privacy Bill, recommended by the New Zealand Law Commission in 2011, and committed to by the Government in 2014, remains a work in progress. The Ministry of Justice continues to regard privacy law reform as a priority and is currently preparing the draft legislation.
The reform proposals to the Privacy Act include stronger powers for the Privacy Commissioner, mandatory reporting of privacy breaches, new offences and increased fines. In particular, the reforms aim to encourage private and public sector agencies to identify risks and prevent incidents that could cause harm.
To find out more, visit the Office of the Privacy Commissioner’s website at www.privacy.org.nz.
Read our blog post about the Privacy Act turning 25.
A printable PDF copy of this media release is available here.
For more information, contact Charles Mabbett on 021 509 735.