| 
New Zealand
This
page looks at privacy legislation, reports and developments
in New Zealand.
It covers -
 introduction
Information about the New Zealand Privacy Act 1993,
one of the most comprehensive outside Europe, is available
at the NZ Privacy Commissioner's site.
the
1993 Act
The Privacy Act (here)
applies to the handling of all personal information collected
or held by government agencies and most businesses. Coverage
of the private sector includes sole traders, major New
Zealand-owned businesses and the local arms of overseas-owned
businesses.
The legislation identifies 'personal information' as information
about an identifiable living person, irrespective of whether
it is on a computer or a paper file.
The legislation is based on twelve Information Privacy
Principles (IPP),
similar to the National Information Principles in the
Australian Privacy Act and ultimately derived from the
1988 OECD Guidelines.
They cover -
1
purpose of collection of personal information
2
source of personal information
3
collection of information from subject
4
manner of collection of personal information
5
storage and security of personal information
6
access
to personal information
7
correction of personal information
8
accuracy, etc of personal information to be checked
before use
9
agency not to keep personal information for longer than
necessary
10
limits on use of personal information
11
limits on disclosure of personal information
12
unique identifiers
The
principles are technology neutral, with the expectation
that they will operate in a number of contexts and not
be superseded by new technologies. Although not prescriptive
the IPP set a number of standards.
The legislation establishes a national Privacy Commissioner.
codes
The Act allows the Privacy Commissioner to establish
Codes of Practice that apply the Information Privacy Principles
to specific activities and industries or allowing exemptions.
The Commissioner has issued seven Codes since inception
of the Privacy Act.
Health
Information Privacy Code 1994
Health Information Privacy Code 1993 (temporary, now
expired)
GCS Information Privacy Code 1994 (expired)
Superannuation Schemes Unique Identifier Code 1995
EDS Information Privacy Code 1997 and amendment
Justice Sector Unique Identifier Code 1998
Post-Compulsory Education Unique Identifier Code 2001.
The
NZ Privacy Commissioner has sought public comment on a
proposed Telecommunications Information Privacy Code (TIPC).
That code is discussed in a separate Information
paper.
Submissions are due by mid March 2002.
The New Zealand Consumer Ministry has published a New
Zealand Model
Code for Consumer Protection in Electronic Commerce
with a privacy component.
other
legislation
The legislation reflects the New Zealand Bill
of Rights Act 1990 (BRA)
and Human Rights Act 1993 (HRA),
discussed here.
As
in Australia, other enactments contain provisions relating
to the protection of personal information. These include
-
Income
Tax Act 1986
Official Information Act 1982 (here)
developments
The Privacy Act has been amended since 1993. Highlights
of privacy legislation in Australia and New Zealand are
here.
Specific amendments are -
Privacy
Amendment Act 1993 (here)
Privacy
Amendment Act 1994 (here)
Privacy
Amendment Act 1996 (here)
Privacy
Amendment Act 1997 (here)
Privacy
Amendment Act 1998 (here)
Privacy
Amendment Act 2000 (here)
The
Statutes Amendment Bill 2000 amends the
Privacy Act to secure a finding from the European Commission
that New Zealand provides an "adequate level of protection"
for the purposes of the EU Data Protection Directive (discussed
here). Existing NZ legislation
does not restrict transborder movement of personal data,
a key feature of the EU privacy regime and the basis of
Safe Harbour agreements
with Canada and the US.
The new legislation will also remove existing restrictions
on data access or correction. At the moment data access
and correction is restricted to New Zealand citizens,
permanent residents or applicants at the time of the request.
studies
Studies of the NZ regime include Paul Roth's Privacy
Law & Practice (Wellington: Butterworths 1998)
and The Privacy Act (Wellington: GP Publications
1994) by Elizabeth Longworth & Tim McBride.
next page (Asia)
|
Ketupa
