Privacy & Cybersecurity Law Blog

Wotton Kearney reports that on September 23, 2025, the New Zealand Privacy Amendment Act 2025, which introduces new privacy notification requirements that will become effective May 1, 2026, received royal assent.

On August 24, 2023, 12 data protection authorities published a joint statement calling for the protection of personal data from unlawful data scraping. The statement was issued by the authorities of Argentina, Australia, Canada, Colombia, Hong Kong, Jersey, Mexico, Morocco, New Zealand, Norway, Switzerland and the UK. The joint statement reminds organizations that personal data that is publicly accessible is still subject to data protection and privacy laws in most jurisdictions, and highlights the risks facing such data, including increased risk of social engineering or phishing attacks, identify fraud, and unwanted direct marketing or spam.

On June 26, 2020, New Zealand Justice Minister Andrew Little announced that the bill to repeal and replace New Zealand’s existing Privacy Act 1993 (the “Privacy Bill”) had passed its third reading in Parliament. The Privacy Bill received royal assent on June 30, 2020.

On May 24, 2019, New Zealand-based online asset exchange, Cryptopia Limited, filed a petition under Chapter 15 of the United States Bankruptcy Code seeking recognition of its New Zealand liquidation proceeding in the United States. On the same day, the United States Bankruptcy Court for the Southern District of New York granted provisional relief to Cryptopia, including extending the benefits of the automatic stay to prevent creditors or other parties in interest from taking actions to interfere with Cryptopia’s assets. The court will conduct a hearing on Cryptopia’s petition to recognize its New Zealand liquidation proceeding on June 25, 2019 in New York.