Law Commission of New Zealand Review of Privacy Act 1993
The final report was Stage 4 of the Commission's review of privacy legislation in New Zealand. Stages 1 through 3 looked at privacy values, changes in technology, international trends, and the adequacy of New Zealand's civil and criminal law to deal with invasions of privacy.
"The Commission thinks the Act could be improved in a number of areas. Among the key recommendations of the report are that:
-the Privacy Commissioner’s powers should be augmented by a new power to issue compliance notices, and, where there is a good reason for it, to require an audit of an agency’s information-handling practices;
-the complaints process under the Act should be streamlined in a number of respects, including giving the Privacy Commissioner the power to make binding decisions on complaints about people’s right to access their own personal information;
-agencies should be required to notify people when personal information held by an agency is lost or otherwise compromised (for example, through computer hacking), if the breach is sufficiently serious;
-there should be a new framework in the Act to allow the sharing of personal information between government agencies where it is in the public interest to do so, but with appropriate safeguards; and
-some exceptions to the privacy principles should be modified, for example to clarify that people can pass on information to an appropriate person where someone’s health is seriously at risk, or report suspected offending to the police."