Identifying, reporting, and reviewing privacy breaches, and acting when individual or systemic issues are identified, is vital to ensuring that a strong privacy culture exists. 

Technology developments can be challenging to privacy laws. We all know our phones are powerhouses of data collection, and that our data is the key asset for big tech. But we don’t always know what data is being collected, nor how it is being used.

In July 2017, our office made two short videos featuring the Privacy Commissioner promoting child safety and describing what people can do if they think a child is at risk. It is a crucial feature of the Privacy Act that people can disclose personal information to prevent or lessen a serious risk or threat to another individual. This is especially the case with children because they are among the most vulnerable members of our community and society.

An Auckland Powershop customer did the right thing by checking her credit report after the company said she was in arrears, even though she was up to date with her payments. A news story reported on Stuff demonstrates the impact wrong repayment information can have on an individual, particularly when it shows up on their credit report. It also highlights the importance of regularly checking your credit report to ensure the information on it is correct.

Please note - this article is under review.
Section 54 was a provision in the 1993 Privacy Act, which was replaced in December 2020 by the Privacy Act 2020. Section 30 of the 2020 Act is the equivalent provision. This provision allows is for an agency (the one that holds the information) to apply for authorisation to disclose information in very specific circumstances and where there is a significant public interest in doing so. 

Reviewed for relevance April 2025.

Investigating complaints is an important function of our office and a considerable part of our workload. When we receive a complaint, we make an initial assessment about what steps we will take next. In some circumstances, we will investigate. In other instances, our office may decline to investigate.

One of the most persistent problems of privacy and data protection in the digital age moving the responsibility from consumers needing to read terms and conditions for services they’re using to those services clearly explaining the choices and consequences that consumers have. We all know the problem, and it has been presented in several very striking ways.  We’ve seen researchers print out and measure the length of the privacy policies and terms and conditions of popular services.