Plain language law

New Zealand law explained for everyone

Customer and Product Data Act 2025

Regulatory and enforcement matters - Civil liability - Pecuniary penalty order

71: Maximum penalty (Tier 1)

You could also call this:

“The biggest fine you might have to pay if you break important data sharing rules”

If you break certain rules in the Customer and Product Data Act 2025, you might have to pay a fine. These rules are about:

  1. Having a computer system to share data when required
  2. Only allowing the right people to ask for data
  3. Checking that the person asking for data is who they say they are

If you don’t follow these rules, or if you try to break them, or if you help someone else break them, you could be fined. The most you might have to pay is:

  • $500,000 if you’re just one person
  • $2,500,000 if you’re a company or organisation

This text is automatically generated. It might be out of date or be missing some parts. Find out more about how we do this.

This page was last updated on

View the original legislation for this page at https://legislation.govt.nz/act/public/1986/0120/latest/link.aspx?id=LMS910688.

Topics:
Money and consumer rights > Consumer protection Business > Industry rules Business > Fair trading Rights and equality > Privacy
Previous

70: When High Court may make pecuniary penalty order, or

"When the court can make someone pay money for breaking rules"

Next

72: Maximum penalty (Tier 2), or

"Big fines for companies and people who break data rules"

Part 4 Regulatory and enforcement matters
Civil liability: Pecuniary penalty order

71Maximum penalty (Tier 1)

  1. This section applies to a contravention, an attempted contravention, or an involvement in a contravention of any of the following:

  2. section 27 (data holder must operate electronic system for providing regulated data services):
    1. section 43 (only customer, secondary user, or accredited requestor may request regulated data services):
      1. section 45 (verification of identity of person who makes request).

        1. The maximum amount of a pecuniary penalty is—

        2. $500,000 for a contravention, an attempted contravention, or an involvement in a contravention by an individual; or
          1. $2,500,000 in any other case.