The Marketing Association will be holding its annual Smarter Data Event in March. If you are a marketer working with confidential customer data then this event is for you. Here, they highlight details on privacy law reforms – to be discussed in detail at the event.
Then you should be aware of this extract of a recent report from the Privacy Commissioner to the Minister of Justice. Although the current legislation only came into force in December the Commissioner is proposing further significant changes. These changes will give consumers a great deal more power in how their personal details are managed by marketers. You might as well start preparing now because it’s ’odds-on’ the Minister will listen to these proposals
Here is the extract:
Further privacy law reform proposals
“The replacement of the previous Privacy Act was largely a response to a major review of privacy law by the Law Commission, completed in 2011. The Privacy Act 2020 modernises New Zealand privacy law and addresses some significant gaps in the previous legislation. The Commissioner will use the new powers in the Act to actively address non-compliance and promote good privacy practice.
However, technological, social and other developments affecting privacy have continued apace since the policy work for the Privacy Act 2020 was undertaken. Further changes are desirable to respond to these developments. In some respects, New Zealand’s privacy law has also not kept pace with comparable legislation in our major trading partners and other countries with which we commonly compare ourselves. The Privacy Commissioner therefore considers there is a need for further privacy law reform. Due to the rapid pace of change, further reforms are best considered and implemented as issues come to light, rather than following another wholesale review of the Privacy Act.
The Commissioner made the case for further changes to the Privacy Act in his 2017 report on the Act to the Minister of Justice and in his 2018 submission on the Privacy Bill. Some key reforms recommended by the Commissioner that have not yet been implemented are:
Data portability. The right of individuals to access their personal information should be strengthened by introducing a right of personal information portability. OPC is contributing to the current consideration of a consumer data right by the Ministry of Business, Innovation and Employment.
Right to be forgotten. A ‘right to be forgotten’ (for example, to have personal information delinked from search engine results) should be introduced. This right would protect individuals from the public availability of personal information that is offensive or otherwise harmful. It would support the existing privacy right of individuals to correct their personal information and the requirement that agencies only use information if they have checked its accuracy.
Re-identification. Safeguards should be introduced to protect individuals against the risk of being identified from information that has purportedly been de-identified.
Algorithms. New provisions in the Act should limit harm from automated decision-making and provide greater transparency about the use of algorithms in making decisions about individuals.
Civil penalties. There should be a power for a court to impose a civil penalty of up to $100,000 for serious or ongoing breaches of the Privacy Act.
Compliance reporting. The Privacy Commissioner should have a power to require agencies to report on the steps they are taking to comply with the Act.
The Commissioner would be happy to brief you on these proposed reforms.”
The Marketing Association will have a panel to discuss these and other data issues at its annual SMARTER DATA EVENT on March 24.
This article is published In Association with Marketing Association.