Data sovereignty is an important concept for New Zealand businesses to understand, particularly in an increasingly digital world where data is often collected, stored, and processed offshore in the public cloud. Simply put, data sovereignty refers to the legal framework governing the collection, use, and dissemination of data within a particular jurisdiction.
Naturally, New Zealand businesses are most familiar with the laws of our nation and model their business practices within that framework. Data stored within the cloud and it’s respective offshore clusters adds an extra layer of complexity, by being governed by unfamiliar laws with potentially very different privacy considerations than those outlined in the Privacy Act 2020.
The Privacy Act 2020 (download summary) is a significant update to New Zealand’s privacy laws containing 13 privacy principles, and aims to better protect individuals’ personal information in the digital age. The Act contains new rules on data protection, including requirements for organizations to have robust privacy policies and practices in place, and to notify individuals of any privacy breaches that may affect them.
The Act also introduces new rights for individuals, including the right to request that their personal information be erased, and the right to complain to the Privacy Commissioner if they believe their privacy has been infringed.
In terms of data sovereignty, the Act reaffirms New Zealand’s commitment to protecting the privacy of individuals and regulating the collection, storage, and use of personal data within the country. The Act sets out rules for the transfer of personal information to overseas countries, including requirements for adequate safeguards to protect the privacy of individuals.
Overall, the Act is a comprehensive and modern piece of legislation that aims to protect the privacy of individuals in the digital age, while also allowing for the responsible use of personal data for legitimate purposes.
Lawful access — the laws that regulate legal access to data.
Legal institutions — the robustness of legal institutions that oversee requests for access to data.
Privacy frameworks — the protections available for personally identifiable information.
It is rare to be able to negotiate contracts for public cloud services in consideration of the above. By adhering to the data sovereignty framework for the New Zealand jurisdiction outlined in the Privacy Act, businesses can help to ensure that they are complying with their legal obligations and protecting their customers’ personal information.
Cloud Storage and Colocation both rely on the resilience and reliability of data centres, so why do many businesses choose local data storage over the cloud?
For over 20 years, Xtreme Networks has been helping businesses like yours with the best internet and data centre solution in the country.
