The Importance of Data Sovereignty for New Zealand Businesses.

Data Sovereignty New Zealand

Do you know where your data is stored and the laws it is governed by?

Data sovereignty is an important concept for New Zealand businesses to understand, particularly in an increasingly digital world where data is often collected, stored, and processed offshore in the public cloud.  Simply put, data sovereignty refers to the legal framework governing the collection, use, and dissemination of data within a particular jurisdiction.

Naturally, New Zealand businesses are most familiar with the laws of our nation and model their business practices within that framework. Data stored within the cloud and it’s respective offshore clusters adds an extra layer of complexity, by being governed by unfamiliar laws with potentially very different privacy considerations than those outlined in the Privacy Act 2020.

The Privacy Act 2020 (download summary) is a significant update to New Zealand’s privacy laws containing 13 privacy principles, and aims to better protect individuals’ personal information in the digital age. The Act contains new rules on data protection, including requirements for organizations to have robust privacy policies and practices in place, and to notify individuals of any privacy breaches that may affect them.

The Act also introduces new rights for individuals, including the right to request that their personal information be erased, and the right to complain to the Privacy Commissioner if they believe their privacy has been infringed.

In terms of data sovereignty, the Act reaffirms New Zealand’s commitment to protecting the privacy of individuals and regulating the collection, storage, and use of personal data within the country. The Act sets out rules for the transfer of personal information to overseas countries, including requirements for adequate safeguards to protect the privacy of individuals.

Overall, the Act is a comprehensive and modern piece of legislation that aims to protect the privacy of individuals in the digital age, while also allowing for the responsible use of personal data for legitimate purposes.

When looking at data storage, organisations should consider the following factors.

Lawful access — the laws that regulate legal access to data.

Legal institutions — the robustness of legal institutions that oversee requests for access to data.

Privacy frameworks — the protections available for personally identifiable information.

It is rare to be able to negotiate contracts for public cloud services in consideration of the above. By adhering to the data sovereignty framework for the New Zealand jurisdiction outlined in the Privacy Act, businesses can help to ensure that they are complying with their legal obligations and protecting their customers’ personal information.

Need Colocation?

For over 20 years, Xtreme Networks has been helping businesses like yours with the best internet and data centre solution in the country. 

We're well connected, thanks to our partners