Abstract
Privacy legislation premised on the individual is coming under strain as the ability to exercise control over one's information becomes an increasingly difficult task. This thesis considers whether the Privacy Act 2020 is fit for purpose in an age of big data. It also considers other responses to big data and the technologies it enables, both New Zealand's soft law approach and the regulatory responses of the European Union.
A key focus of this thesis is on the collective, public harms of big data. Uses of big data that exacerbate inequalities in society by discriminating on the grounds of race or gender, or by creating feedback loops that contribute to cycles of poverty, set back the public interest in living in thriving, prosperous societies. Very large technology companies exercise significant control over the content we view online; know a great deal about us, and thus, can influence the decisions we make. Vast amounts of personal information in the hands of a few powerful companies creates power imbalances that are harmful to democracies. The predictive power and reach of big data analytics exacerbates this problem.
This thesis draws on social conceptions of privacy that acknowledge the information externalities of personal information use. Ultimately, it concludes that privacy law's focus on the individual is conceptually flawed, inhibiting its ability to respond effectively to the risks, and benefits, of big data.