sb-nz logo
Story image

Report: New Zealanders need to educate themselves on data rights under Privacy Act 2020

With the Privacy Act 2020 now in effect, New Zealand consumers need to educate themselves on the rights they’ve just gained in regards to their data and privacy, according to NortonLifeLock.

Earlier this year, NortonLifeLock’s Cyber Safety Insights Report found that New Zealanders are split on who should be held most responsible for ensuring personal information and data privacy are protected. Nearly 4 in 10 (38%) believe the government should be held most responsible, while one-third (33%) put the burden on companies, followed closely by individual consumers (29%). 

The Privacy Act 2020 now delivers consumers the tools to help understand and manage the data that companies are collecting about them and the government now has the tools to enforce the law. 

“The act has given The Office of the Privacy Commissioner some weapons to ensure the privacy of New Zealanders is protected," says Mark Gorrie, senior director, Asia Pacific, NortonLifeLock. 

“If a business is found to be collecting too much or inappropriate personal data, selling or sharing it inappropriately, or has lost control of data due to negligence – the act lets the Privacy Commissioner take action against an offender and seek financial penalties," he says.

"It’s much more power than the office has had in the past, and it delivers a mechanism to help New Zealanders protect their personally identifiable information.” 

According to Gorrie, these are the top tips New Zealander can do to keep data safe. 

Check what information a company is collecting and how they’re using it. 
Don’t be afraid to navigate the many clicks it may take to find out what a company’s privacy policy says. If you want to know the data that a company is going to collect, check their policy or even contact them directly. They are required to disclose this information under the new law.

If you want to know if your facial or location data is used for more than just unlocking your device or showing restaurants nearby, check the privacy policy or request this information.

Ask a company to show you the information they have about you, correct anything that’s incorrect, and even request to be deleted. 
If a company, such as a social media site, has been collecting data on you and you want to see it – ask for it. Social media companies collect mountains of data about individuals, if you want to know what it is, request that data. Companies that conduct business in New Zealand, even if they’re based outside the country, need to comply with the new law. 

"The Privacy Act 2020 gives you the right to correct any information about you. You can engage with a company and fix any incorrect information such as financial or medical information," says Gorrie.

"The act does not include the ‘right to be forgotten’, but you can and should request that a company delete the information it holds about you if you feel the data may be misused, mishandled, or simply wish it gone," he says.

"Lay a complaint to the Privacy Commissioner if you think a company has breached a privacy principle or caused you significant harm. 

"If you think a company has lost or misused your data, is refusing to provide you with the information you are requesting, make a complaint to the Privacy Commissioner," Gorrie says.

"The new law gives them the tools to assess your issue and even facilitate an agreed settlement." 


Story image
Imperva unveils new data security platform built for cloud
"The cloud has revolutionised IT, offering organisations a strategic opportunity to rapidly pursue new market initiatives and adapt their operations in the face of new business challenges."More
Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Story image
Infrastructure-as-code, and how it can secure the cloud
Bridgecrew recognised IaC early on as one of the best ways for modern teams to delegate security ownership to individual contributors while distributing it across existing frameworks within CI/CD pipelines. This attribute meant that IaC was invaluable in securing cloud-native environments.More
Story image
The mirrored world: Digital twins redefine business intelligence
The world’s most visionary leaders will use technology to master change and shape the future.More
Story image
Why a more secure organisation is a collective responsibility
With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies.More
Story image
New wormable Android malware discovered through auto-replies in WhatsApp
Check Point Research has discovered new malware on Google’s Play Store that could spread through WhatsApp messages. More