New Zealand Financial Markets Authority releases cyber security information sheet for financial services firms

June 28, 2022

The New Zealand Financial Markets Authority (“FMA”) has released an information sheet to assist financial institutions with cyber security. 

The press release provides:

The Financial Markets Authority (FMA) – Te Mana T?tai Hokohoko has published an information sheet to help financial services firms enhance the resilience of their technology and operational systems, and meet any relevant licence obligations. Read the rest of this entry »

Privacy Commissioner of New Zealand releases the guidelines on privacy and CCTV

June 12, 2022

The use of closed circuit television has been a matter of concern in for privacy commissioners in Europe and the UK for some time.  Now the Privacy Commissioner in New Zealand has provided guidance on the use of the CCTV, responding to the concerns about the use of surveillance cameras.  Unfortunately in Australia at the Federal level the Information Commissioner has showed scant interest with one short page saying pretty much nothing about the issues.  That is a pity.   The potential of privacy intrusion through the misuse of cctv technology is significant. 

The media release provides:

From our experience, putting up a CCTV or surveillance camera can get a strong reaction from the public.

Our Privacy Concerns and Sharing Data 2020 survey found 41 percent of people over 18 years old were concerned about the use of surveillance cameras.

Because CCTV captures images of people, which can be used, stored, manipulated, and disseminated, those who operate the systems need to be aware of how to manage privacy issues.

Good management of personal information is essential to the effective running of CCTV systems. Businesses can only take advantage of the full benefits available from CCTV technology if they manage their system with privacy in mind.

All organisations considering using CCTV need to be mindful of their obligations under the Privacy Act 2020. Organisations must only collect personal information if it is for a lawful purpose connected with their functions or activities, and the information is necessary for that purpose. 

We always recommend that agencies minimise the amount of personal information they collect. Any information that is collected should also be securely disposed of once it’s no longer needed for the organisation’s purpose.

The guidelines provides, with Read the rest of this entry »

New Zealand Privacy Commissioner Case note 272681 [2016] NZ PrivCmr 4:: misidentification by credit reporting agency

June 15, 2016

In Case note 272681 [2016] NZ PrivCmr 4 the New Zealand Privacy Commissioner considered the issue of misidentification by a credit reporting agency.


The Complainant underwent male-to-female gender reassignment surgery and, as woman, changed her name to match her gender.  After the name change, she applied for credit for a number of things, such as hire purchase agreements and home rentals.

The lender checked the Complainant’s information with a credit reporting agency. The agency advised that the woman had previously gone by another name.

The Complainant complained that Read the rest of this entry »

Verified by MonsterInsights