Kia ora koutou,

Happy new year from Aotearoa (New Zealand)! 

The year 2000 was an eventful one for privacy: The Y2K bug we all feared failed to eventuate; reality TV took off with "Big Brother" and "Castaways" airing for the first time; more than 10 million Windows PCs were infected with the ILOVEYOU computer virus; and the International Human Genome Sequencing Consortium announced a “working draft” of the human genome. Most importantly, however, 2000 was the year the IAPP was founded. The IAPP turns 20 this year and, two decades on, it has grown into a global organization, with more than 50,000 members and an offering of products and services that truly holds our global privacy community together. 

Here in New Zealand, the IAPP’s 20th birthday is marked by a lift in local engagement with the IAPP and its services. NZ membership has now passed 200 individuals, and the number of Kiwis who see value in IAPP certifications is increasing steadily. Our KnowledgeNet chapters in Wellington and Auckland really turned it on for us last year, and I know they have some excellent events planned for 2020. My hope for this year is that we will see even more local engagement with IAPP research and publication offerings, particularly as we grapple with local and global privacy law reform. 

If, like me, you’ve taken the opportunity over the holiday period to avoid the news as much as possible, this week’s digest might be a good way to get your head back in the game. A helpful article warns people to not use the abbreviation “20” for the year on official forms and documents. Write out the entire year, “2020,” or we increase the risk of fraud. Reports continue from China of a growing concern about personal privacy and demand for greater protection — against both state and corporate actors — of the significant amount of online data China produces. There’s also a story about an Air China flight attendant who has been suspended after being accused of publishing the personal information of 20 celebrity passengers. 

Meanwhile, in New Zealand, Privacy Commissioner John Edwards launched an inquiry into the country’s largest online trading platform, Trade Me. The inquiry follows a recent update to Trade Me’s privacy policy in which it advised members that it would use their personal information for marketing purposes, even if members had previously opted out of marketing activities. The commissioner’s decision appears to support his earlier call — reiterated in his inspiring keynote speech at the 2019 IAPP ANZ Summit — for greater transparency and privacy by default. 

Finally, the