Skip to main content
You are here: News


The following news feed provides an overview of the current activities and news from APPA members.

The articles on this page are updated regularly from members’ news and media pages. If you have any questions or concerns about the content contained in the articles, please contact the respective member. You can locate members’ details underneath each article or on our Contact us page.


FTC Announces Annual Update of Size of Transaction Thresholds for Premerger Notification Filings and Interlocking Directorates

For 2019, the size-of-transaction threshold for reporting proposed mergers and acquisitions under Section 7A of the Clayton Act will adjust from $84.4 million to $90 million. Also, the 2019 thresholds under Section 8 of the Act that trigger prohibitions on certain interlocking memberships on corporate boards of directors are $36,564,000 for Section 8(a)(l ) and $3,656,400 for Section 8(a)(2)(A).

The FTC revises the thresholds annually, based on the change in gross national product. The revised thresholds under Section 7A of the Clayton Act will apply to all transactions that close on or after the effective date of the notice, which is 30 days after its publication in the Federal Register. The thresholds for Section 8 of the Clayton Act become effective upon publication in the Federal Register. A complete listing of current thresholds can be found on the FTC’s website, and will be updated once the revised thresholds are published in the Federal Register. The announcement of this year’s revised thresholds was delayed due to the recent federal government shutdown.

The votes to approve the Federal Register notices announcing the threshold revisions were both 5-0. (FTC File No. P859910; the staff contact for Section 7A is Nora Whitehead, Bureau of Competition, 202-326-3262; the staff contact for Section 8 is James Mongoven, Bureau of Competition, 202-326-2879.)

The Federal Trade Commission works to promote competition, and protect and educate consumers. You can learn more about how competition benefits consumers or file an antitrust complaint. Like the FTC on Facebook, follow us on Twitter, read our blogs, and subscribe to press releases for the latest FTC news and resources.

Federal Trade Commission, United States
Source: Press Release Feed
15 Feb 2019, 11:00pm AEDT

Privacy in the news (8-14 February 2019)

Welcome to our latest weekly round-up of privacy stories.

Facebook 'doubling down' on privacy abuse: NZ watchdog

Facebook is celebrating its 15th anniversary this week, lauding a decade and a half that has seen it gain around 2 billion users for its services, which now include Instagram, WhatsApp and a budding virtual reality platform, Oculus. But NZ Privacy Commissioner John Edwards isn't quite ready to join in the celebrations. Read more here.

Landlords group acknowledges potential privacy breach

A landlords group is defending a register it keeps of people with court convictions. The South Canterbury Property Investors' Association has been collating court case information published in the Timaru Herald since 1993 - and making the information available to its paying members. But the association’s president has admitted the group has not maintained the list as it should have. Read more here.

When is a hack not a hack?

The South Canterbury Property Investors' Association collection of the private details of renters is one thing, sharing them with members is something else but exposing them to the internet for all the world to see is potentially a breach of the Privacy Act. It is also a timely wake up call to anyone who runs a website or maintains private information on a database, writes ITP Techblog editor Paul Brislen. Read more here.

Privacy failure: 'She felt vulnerable and unimportant'

The Privacy Commissioner has criticised a social service agency which took more than a year to apologise for an error that led to a woman being bullied by her work colleagues. The unnamed agency had sent a letter to her work address, despite knowing from an earlier complaint that her employer opened all the staff's mail. Read more here.

Person with wrong sex on birth certificate feels 'like a fraud'

A gender non-binary person trying to correct the sex on their birth certificate has spent six months communicating with the Births, Deaths and Marriages office, with little success. Read more here.

What is biometrics? And why collecting biometric data is risky

Biometrics has the potential to make authentication dramatically faster, easier and more secure than traditional passwords, but companies need to be careful about the biometric data they collect. Read more here.

Your smart light can tell Amazon and Google when you go to bed

As Amazon and Google work to place their smart speakers at the center of the internet-connected home, both technology giants are expanding the amount of data they gather about customers who use their voice software to control other gadgets. But some device makers are pushing back, saying automatic device updates don’t give users enough control over what data they share, or how it can be used. Read more here.

Netflix has saved every choice you’ve ever made in ‘Black Mirror: Bandersnatch'

When you gaze into Black Mirror’s Bandersnatch, it also gazes into you. It’s no secret that Netflix tracks what its users watch and how long they watch it, but Bandersnatch gave Netflix a unique opportunity to let the streaming giant learn what its users wanted in real time. Read more here.

Stolen intimate photos will come out - don’t look at them

We live in an era rich with sexual documentary evidence. Mass text-messaging combined with the rapid spread of hand-held cameras and photo-sharing technology have produced a world where every sexual relationship has a much higher likelihood of producing its own historical record than the trysts of a generation ago. Read more here.

Image credit: Kittiwake gull via John James Audubon's Birds of America

Office of the Privacy Commissioner, New Zealand
Source: Blog
15 Feb 2019, 1:05pm AEDT

FTC to Host Forum on Small Business Financing

The Federal Trade Commission will host a forum on small business financing on May 8, 2019, to examine trends and consumer protection issues in this marketplace, including the recent proliferation of online loans and alternative financing products.

Small businesses are an integral part of the U.S. economy, and they often need financing in order to operate and grow.  While some business owners can secure loans from banks or other traditional lenders, many businesses must turn to alternative sources for capital.  In recent years, the online marketplace for small business financing has offered a wide variety of products, including term loans, lines of credit, and cash advances. Though some options may provide unique benefits, such as quicker access to capital, some of these products also raise consumer protection concerns, like high costs and potentially unclear terms.  Unfortunately, there have also been reports of deception and other harmful practices by some companies offering small business financing.

The FTC’s event, Strictly Business: An FTC Forum on Small Business Financing, will gather a variety of stakeholders to examine this industry, including the different types of products available to small businesses, the benefits of these products, and possible consumer protection concerns.  The forum will also examine how the FTC Act, other laws, and self-regulatory frameworks may apply to companies offering these products.

In advance of the forum, the FTC is considering potential panelists.  If you wish to participate as a panelist, please email any relevant information to

The forum, which is free and open to the public, will be at the Constitution Center, 400 7th St., SW, Washington, D.C.  It will be webcast live on the FTC’s website.  A full schedule and other details on the forum will be announced shortly.  No pre-registration is needed.

The Federal Trade Commission works to promote competition, and protect and educate consumers. You can learn more about consumer topics and file a consumer complaint online or by calling 1-877-FTC-HELP (382-4357). Like the FTC on Facebook, follow us on Twitter, read our blogs, and subscribe to press releases for the latest FTC news and resources.

Federal Trade Commission, United States
Source: Press Release Feed
14 Feb 2019, 11:00pm AEDT

FTC Announces March 2019 Session on International Engagement as Part of its Hearings on Competition and Consumer Protection in the 21st Century

The 11th session of the Federal Trade Commission’s Hearings Initiative, “The FTC’s Role in a Changing World,” will focus on the agency’s international work. The hearing will take place in Washington, D.C. on March 25-26, 2019.

The session will explore the FTC’s international role in light of globalization, technological change, and the increasing number of competition, consumer protection, and privacy laws and enforcement agencies around the world. Speakers will address the implications of international developments on the FTC’s work on behalf of American consumers. The session will be held at the FTC’s headquarters building at 600 Pennsylvania Ave., NW, Washington, DC in room 432.

At the hearing, the FTC will consider:

  • The effectiveness of the FTC’s enforcement cooperation tools and approaches in light of new challenges in competition, consumer protection, and privacy matters;
  • Approaches to promoting international policy coordination and best practice development; and
  • Strategies for international enforcement and policy engagement given today’s dynamic global marketplace.

To deepen its understanding of these issues, the agency seeks public comment on the questions listed below, and welcomes input on other related topics.

The FTC’s Tools and Approaches for International Engagement

  1. How effective are the FTC’s tools and approaches in addressing international investigative, enforcement, and policy challenges and opportunities?
  2. What strategies should competition, consumer protection, and privacy agencies use to achieve convergent or interoperable policies and consistent or complementary enforcement outcomes?
  3. How should the FTC engage internationally regarding its competition, consumer protection, and privacy enforcement priorities in light of changes in the economy, evolving business practices, new technologies, and international developments?

Enforcement Cooperation

  1. What factors contribute to either more or less effective enforcement cooperation in consumer protection, privacy, and competition matters?
  2. How can cross-border enforcement cooperation be strengthened? What are the obstacles to such cooperation?
  3. How might the FTC use additional authority, tools, and approaches to ensure more effective enforcement cooperation?
  4. How well have the U.S. SAFE WEB Act and the International Antitrust Enforcement Assistance Act served their international enforcement cooperation objectives? 
  5. Are there tools or approaches available to enforcement agencies in other fields or jurisdictions that might be adapted to improve the FTC’s enforcement cooperation?
  6. What effects do data regulations have on cross-border information sharing, cooperation, and enforcement in competition, consumer protection, and privacy cases?

Policy and General International Cooperation

  1. What role should "soft law" (e.g., best practices/ guiding principles) play in promoting convergence or interoperability in policy approaches?
  2. How do differing views on the roles of government, self-regulation, and private enforcement affect policy development and enforcement cooperation?
  3. How do differences in institutional design affect agency enforcement and policy cooperation?

Engagement Regarding Emerging Technologies

  1. How can the FTC best work with foreign agencies to develop effective policies on competition, consumer protection, and privacy concerning emerging technologies, such as artificial intelligence?  What are the challenges?
  2. From a practical perspective, what are the consequences of having differing approaches internationally to competition, consumer protection, and privacy enforcement around artificial intelligence and other emerging technologies?

International Engagement in a Changing Global World

  1. What are the most important issues on which the FTC should engage with foreign counterparts and international organizations?
  2. How can the FTC continue to be a leader internationally, including on emerging issues?
  3. In light of international and technological developments, how can the FTC ensure the continued effectiveness of its technical assistance program?
  4. What tools or approaches of foreign competition, consumer protection, or privacy agencies could benefit the FTC’s international program?
  5. How should the FTC interact with other U.S. government agencies regarding issues raised by foreign competition, consumer protection, and privacy policy and enforcement?
  6. What roles can the private sector and civil society play in light of new challenges in competition, consumer protection, and privacy matters?
  7. How can the private sector foster accountability for international transfers of consumer data?

Comments can be submitted online and are due by 11:59 pm, May 31, 2019. If any entity has provided funding for research, analysis, or commentary that is included in a submitted public comment, such funding and its source should be identified on the first page of the comment.

The FTC Hearings on Competition and Consumer Protection in the 21st Century will accommodate as many attendees as possible; however, admittance will be limited to seating availability. Reasonable accommodations for people with disabilities are available upon request. Request for accommodations should be submitted to Elizabeth Kraszewski via email at or by phone at (202) 326-3087. Such requests should include a detailed description of the accommodation needed. Please allow at least five days advance notice for accommodation requests; last minute requests will be accepted but may not be possible to accommodate.

The Federal Trade Commission works to promote competition, and protect and educate consumers. You can learn more about consumer topics and file a consumer complaint online or by calling 1-877-FTC-HELP (382-4357). Like the FTC on Facebook, follow us on Twitter, read our blogs, and subscribe to press releases for the latest FTC news and resources.

Federal Trade Commission, United States
Source: Press Release Feed
14 Feb 2019, 11:00pm AEDT

Commissioner announces PrivacyRight program for the private sector

BC Information and Privacy Commissioner Michael McEvoy announced a new initiative to assist private organizations with understanding their obligations under the Personal Information Protection Act (PIPA). PrivacyRight will consist of a variety of educational tools to raise awareness of and compliance with PIPA.

Office of the Information and Privacy Commissioner, British Columbia
Source: OIPC News and Events
14 Feb 2019, 7:00am AEDT

What a winning Privacy Trust Mark application looks like

Since we launched the Privacy Trust Mark in May 2018, we’ve received several applications as well as a number of enquiries about how to apply and what to include in the application.

We want to reward and encourage privacy excellence and innovation and help you submit the best application. So, what should a Trust Mark application include?

When you apply for a Privacy Trust Mark

Be specific

Tell us what your product or service is and how it enhances privacy in as much detail as possible. For example, you could explain how the product or service works, who the target customer or user base is, and how they normally use your product or service.

Tell us about the excellent or innovative aspects

Focus on how your product or service is excellent or innovative in one or more of the eight criteria categories. Tell us what makes your product or service truly stand out beyond basic compliance with the privacy principles.

Eight criteria categories

Your product or service doesn’t have to be excellent or innovative in all eight categories to be considered (although it must be compliant in all eight categories). For example, a product like Trade Me’s transparency reporting may not be ‘excellent’ in the security area because that isn’t relevant to its functions:

Trade Me’s transparency reporting

Or a product may be innovative in the way it provides users access to their information, but only compliant in all other areas.

Include supporting documentation

Include documentation of any privacy impact assessments, security or penetration testing, external audits, or user testing that you mention in your application.

Give us an idea of your agency’s privacy culture

While the Privacy Trust Mark is for a product or service, it’s useful for us to get an idea of how your agency deals with privacy generally. Tell us whether you:

  • have privacy training for staff
  • have a privacy officer
  • encourage reporting of data breaches
  • consult our office on proposals and projects.

What not to do

Apply with a product or service that’s just privacy compliant

We’re pleased you are complying with your legal requirements. However, the Trust Mark is designed to reward agencies that go above and beyond to make privacy a primary consideration in their product or service.

Tell fibs

Don’t tell us you’ve done something if you haven’t. Providing evidence of the actions you’ve taken will make your application stronger.

Apply with a product or service that doesn’t exist yet 

We can only properly assess your product or service for a Trust Mark if you’ve launched it, or at least tested it with potential users.

If you have a great idea for a privacy enhancing product or service, our policy team welcomes consultations on proposals:


Use technical jargon

Write your application in clear, plain language.

Where to apply

Find out more about the Trust Mark, including criteria, FAQs and how to apply:

Applying for the Privacy Trust Mark

If you have a question about the Trust Mark you can contact our enquiries line:


We look forward to receiving your application!

Office of the Privacy Commissioner, New Zealand
Source: Blog
14 Feb 2019, 6:46am AEDT

How secure is your dating profile?

Love may be a game of chance, but you shouldn’t gamble with your personal information. 

Keep your dating profile secure with these tips to protect your personal information, and stop hackers from making you unlucky in love.

Office of the Australian Information Commissioner
Source: News - OAIC
13 Feb 2019, 11:43pm AEDT

Back to school FAQs

As schools and students begin another busy academic year, we often receive enquiries from teachers and other school staff about what they can and can't do with student information. So we've bundled some of these questions and the answers together in the FAQs below. If you are a school teacher or principal reading this, we hope they are a help to you. 

Can a school give student information to a DHB dental service?

Yes, it can but the school should inform parents and caregivers that it will be doing so.

District health boards (DHBs) collect student details for a lawful purpose connected with a function or activity of being a health agency. In this instance it is to deliver free dental services to children.

DHB dental services use school rolls to cross check with their own records so they can pick up children who might not be enrolled or whose details are out of date. There are obvious benefits for students in receiving dental health care and a low likelihood of any harm arising from the disclosure of student details to the DHB.

The school should review and consider the purposes for which it collects and uses student information and ensure that those purposes have been communicated to parents. If on review a school finds that parents are not aware that information may be provided to the DHB for delivering dental services, the school should notify parents and caregivers through a blanket communication like the school newsletter or special update.

We also recommend the school update its policy on the purposes that student information will be used for, if this is missing from its existing policy.

Can a school publish a child’s information?

Under the Privacy Act, the starting point for schools is that you must look after your students’ information and not release that information to third parties, unless that is one of the reasons for collecting it or you have been given clear permission to do so. 

Schools need to make their purposes clear when they collect information from students and parents. Schools should be open and transparent about how they intend to use student information; this should also apply to photos or any other type of recording. 

Many schools use photos of students in school publications, websites and on social media pages. When a child enrols in a school, the school usually asks parents to confirm that the school can use information, including photos of students, in its publications. 

Students should be able to opt out of having their photos used by the school. A student or his or her family’s refusal to have photographs or other personal information published on a school’s website or internet is not a ground to refuse enrolment. It is an optional activity and consent should be obtained. 

Can a school put parent details in a school directory?

Yes, you can but parents or caregivers should have the opportunity to be left out of the directory if they choose to.

School directories can be extremely useful to parents and caregivers. As one correspondent to our office put it, they can be invaluable in a scheduling crisis, for arranging last-minute pickups or for alerting other parents to an issue like a cancelled playdate or ‘that it’s mufti day tomorrow!’. The primary value is in giving parents a way to contact each other should a need arise.

Under the Privacy Act, an agency should tell individuals what it intends to do with personal information when it collects it. However, this minimum legal requirement may not be enough to protect the vulnerable, or to maintain good relations in the community. For example, if someone has escaped from a domestic violence situation, publishing their contact details could put them at risk.

To manage this privacy risk, schools need to examine the process behind their directories. The most privacy friendly approach is to get the active consent of the parent, but low return rates often means this is unattractive. At the very least give parents or caregivers the opportunity to opt out. This could mean telling parents that their information will be published in the directory unless they explicitly say they don’t want it to be published.

How does a school respond to a request for a student’s information?

In most cases, agencies are entitled to provide parents or guardians with information about their child. The Privacy Act allows a student’s information to be provided to parents and guardians because this is one of the purposes for which a school holds and uses information about children.

The Education Act is also relevant because it requires schools to report if there is anything affecting a student’s progress or harming the student’s relationships. 

This does not mean that parents are automatically entitled to all information schools hold about their child. There are times when information may remain confidential between the school and a student (such as for instance, discussions with a guidance counsellor).

We encourage agencies to take a pragmatic approach when dealing with requests for information from a child’s parent or caregiver. When dealing with older children, an important consideration will be whether the child is willing for their parent or caregiver to see the information.

Can a teacher tell someone if they are concerned about a child’s wellbeing?

If you have concerns about a child’s safety or wellbeing, you can report this to an appropriate person in your school and to an outside agency like Police or the Ministry for Children Oranga Tamariki. 

The law specifically allows for such reports to be made. Section 15 of the Oranga Tamariki Act says: “Any person who believes that any child or young person has been, or is likely to be, harmed (whether physically, emotionally, or sexually), ill-treated, abused, neglected, or deprived may report the matter to the chief executive (of Oranga Tamariki) or a constable.” 

Section 16 of the Act says that if you have made a report in good faith under section 15, you are protected against any civil, criminal or disciplinary proceedings as a result.

The Privacy Act also allows agencies and individuals to disclose information to prevent or lessen a serious threat to a child. That’s because an exception permits the use or disclosure of personal information where the use or disclosure is necessary to prevent or lessen the risk of a serious threat to someone’s safety, wellbeing or health.

If you want to rely on this exception, you should only disclose information to the person, body or agency which is able to do something to prevent or lessen the threat. You should also disclose only the information you need to make it clear why you believe there is a serious threat.

All these FAQs and many more can also be found on our AskUs privacy resource. You can find it here.

Image credit: School education learning via Wikimedia Commons.

Office of the Privacy Commissioner, New Zealand
Source: Blog
13 Feb 2019, 2:26pm AEDT

BC political parties aren’t doing enough to explain how much personal information they collect, and why

Information and Privacy Commissioner Michael McEvoy has found that political parties aren’t doing enough to explain to individuals how much personal information they collect, and why. The findings were published in Investigation Report P19-01: Full Disclosure: Political parties, campaign data, and voter consent.

Office of the Information and Privacy Commissioner, British Columbia
Source: OIPC News and Events
7 Feb 2019, 7:00am AEDT

Notifiable Data Breaches for October – December 2018

The latest quarterly report from the Office of the Australian Information Commissioner (OAIC) shows 262 data breaches involving personal information were notified between October and December 2018.

Office of the Australian Information Commissioner
Source: News - OAIC
6 Feb 2019, 10:30pm AEDT

BC’s Information and Privacy Commissioner, Ombudsperson, and Merit Commissioner call for changes to enhance Legislative Assembly accountability and transparency

BC’s Information and Privacy Commissioner, Ombudsperson, and Merit Commissioner are calling for statutory changes to increase transparency and accountability of the administration of the Legislative Assembly.

Office of the Information and Privacy Commissioner, British Columbia
Source: OIPC News and Events
6 Feb 2019, 7:00am AEDT

Data Breach Notifications and ICT-related Complaints at Record Highs in 2018 Data Security as Key Concern Privacy Commissioner Advocates Data Ethics and Privacy Management Accountability to Build Mutual Trust and Respect Complementing Compliance with Law

Office of the Privacy Commissioner for Personal Data, Hong Kong
Source: Office of the Privacy Commissioner for Personal Data
31 Jan 2019, 11:00am AEDT

Privacy Commissioner Releases Inspection Report on Personal Data Systems of Private Tutorial Services Industry to Encourage Organisations in Enhancing Data Stewardship and Sharing Mutual Fairness, Respect and Benefit with Customers

Office of the Privacy Commissioner for Personal Data, Hong Kong
Source: Office of the Privacy Commissioner for Personal Data
28 Dec 2018, 11:00am AEDT

Privacy Commissioner Receives Credit Data Breach Notification

Office of the Privacy Commissioner for Personal Data, Hong Kong
Source: Office of the Privacy Commissioner for Personal Data
28 Nov 2018, 11:00am AEDT

Don't fall for it! Be vigilant this Black Friday

Black Friday and Cyber Monday are among the biggest shopping events of the year. But they also present some of the greatest opportunities for potential thieves and scammers.

Before tapping in your credit card details to grab an online bargain, check these tips for protecting your personal information, and don’t fall for a deal that’s too good to be true.

Office of the Australian Information Commissioner
Source: News - OAIC
23 Nov 2018, 3:51am AEDT