Plain language law

New Zealand law explained for everyone

This page is about a bill. That means that it's not the law yet, but some people want it to be the law. It could change quickly, and some of the information is just a draft.

Customer and Product Data Bill

Regulatory and enforcement matters - Civil liability - Defences

91: General defences for person in contravention

You could also call this:

“Ways to defend yourself if you're accused of breaking a rule in the Customer and Product Data Bill”

This part of the bill talks about ways you can defend yourself if you’re accused of breaking a rule in the Customer and Product Data Bill. Here’s what it says:

You might not be in trouble if you can prove that you relied on information someone else gave you and it was reasonable to do so. This could be a good defence.

You might also be okay if two things are true: First, you broke the rule because of something someone else did, or because of an accident, or because of something you couldn’t control. Second, you took sensible steps to try not to break the rule.

It’s important to know that when it talks about “someone else”, it doesn’t mean your boss, your employees, or anyone acting for you.

There are some exceptions to these defences. If you’re accused of breaking the rules in section 27 or section 28 about keeping data reliable and available, you can’t use the second defence we talked about.

The bill also explains that “CPD reliability and availability requirement” means any rules about keeping data reliable and available that are written in the regulations or standards for this law.

This text is automatically generated. It might be out of date or be missing some parts. Find out more about how we do this.

This page was last updated on

View the original legislation for this page at https://legislation.govt.nz/act/public/1986/0120/latest/link.aspx?id=LMS944562.

Previous

90: No pecuniary penalty and criminal penalty for same conduct, or

“You can't be punished twice for the same mistake”

Next

92: Defence for contraventions due to technical fault, or

“What happens if a technical problem causes a company to break data rules?”

Part 4 Regulatory and enforcement matters
Civil liability: Defences

91General defences for person in contravention

  1. In any proceeding under this subpart against a person (A) for a contravention of a civil liability provision, it is a defence if A proves that—

  2. A’s contravention was due to reasonable reliance on information supplied by another person; or
    1. both of the following apply:
      1. A’s contravention was due to the act or default of another person, or to an accident or to some other cause beyond A’s control; and
        1. A took reasonable precautions and exercised due diligence to avoid the contravention.

        2. For the purposes of subsection (1)(a) and (b), another person does not include a director, an employee, or an agent of A.

        3. Subsection (1)(b) does not apply to a contravention of—

        4. section 27; or
          1. section 28 to the extent that it requires a data holder to comply with a CPD reliability and availability requirement.

            1. In this section and section 92, CPD reliability and availability requirement means a requirement that is prescribed by the regulations or standards in connection with reliability or availability (or both) and that is specified by those regulations or standards for the purposes of this section.