@AppDefects Within New Zealand, COVID-19 has delayed the revised privacy bill through Parliament.
However, some of the highlights include: Mandatory breach disclosure where serious harm has occurred - currently it is bury one's head in the sand and hope it goes away.
2) Individuals and organisations cannot destroy or hide information, when it is requested - which has happened before. There is a penalty attached to this now.
3) The NZ $10,000 maximum penalty which has been something of a joke as many organisations just put it down to a slush fund expense. However, the individual can make a claim in the Human Rights Tribunal, which has a maximum penalty of NZ $320,000, but the downside is it can take two years for the Ministry of Justice to process it.
4) The Privacy Commissioner can request and enforce compliance, which would be a public embarrassment.