As an independent Crown entity, the Commission has been entrusted with powers for gathering and using information including:

  • to detect, investigate and prosecute criminal offending and take civil enforcement action
  • to prevent, investigate and respond to regulatory non‑compliance.

As required by the State Services Commission’s model standards for information gathering, this transparency statement explains how the Commission gathers information for these purposes under the:

  • Commerce Act 1986
  • Fair Trading Act 1986
  • Dairy Industry Restructuring Act 2001
  • Telecommunications Act 2001
  • Credit Contracts and Consumer Finance Act 2003
  • Fuel Industry Act 2020
  • Retail Payment System Act 2022

In addition, the Commission takes appropriate steps to respond to and mitigate threats to the physical security of staff, or the security of information or places. New Zealand Police are contacted in relation to serious and specific security threats.

What information we collect and how we collect it

We gather information from a variety of sources. Many different parties may hold information, such as an investigated party, other market participants, the public, experts, and other third parties. Sometimes we also use information that is available in the public domain.

We seek all reasonably available relevant information, and we base our decisions on the information before us. We collect information using methods that include:

  • gathering publicly available information
  • general engagement with stakeholders, such as workshops
  • information that is volunteered or provided proactively to the Commission such as complaints and whistle blowers
  • attending seminars and forums
  • visiting traders’ premises to observe representations being made
  • mystery shopping or ‘test purchases’
  • social media monitoring
  • requesting or receiving information, including documents
  • conversations in person or over the phone
  • setting disclosure requirements for regulated businesses
  • conducting interviews
  • executing searches under warrant or otherwise
  • inspections without a warrant to assess product safety compliance.

We may also gather information from other agencies where it is lawful and reasonable to do so, including issuing requests under Principle 11(e) of the Privacy Act 2020 to:

  • other Government agencies (such as Department of Internal Affairs, and Immigration New Zealand)
  • the Combined Law Agency Group (CLAG).

We may ask persons (including companies and other entities) to supply information or be interviewed voluntarily, or we may issue a compulsory notice if we consider it necessary or desirable to do so for a lawful purpose.

Ensuring information gathering is lawful and reasonable

The Commission takes care to exercise our information gathering powers lawfully and reasonably, and to meet our obligations under the Privacy Act 2020, Search and Surveillance Act 2012, Bill of Rights Act 1990, Code of Conduct and relevant organisation policies and procedures.

The Commission has a number of measures in place to ensure information gathering is lawful and reasonable, with sufficient consideration of individuals’ privacy, and other interests, including freedom from unreasonable search and seizure. The measures that are in place include:

  • an independent internal oversight function
  • operational guidance, policies and procedures, which include activity specific:
    • legal advice and review requirements, and legal oversight (where appropriate)
    • approval processes
  • training
  • Code of Conduct.

Where it is lawful and reasonable to do so, we may gather information by means in which a Commission representative is not immediately identifiable. Information gathering in these circumstances is subject to enhanced levels of oversight and increased internal controls to ensure it is conducted appropriately.

The Commission’s information gathering activities are also subject to external checks and balances, including complaints and review processes, and the availability of Ombudsman complaint or a ruling by the Court.

Any potential criminal offending by anyone working for, on behalf of, the Commission is reported to the New Zealand Police.

How we use information

We will only use information provided to us in a manner allowed by law, such as when considering and investigating compliance breaches, initiating our own investigations or inquiries, and determining compliance strategies.

We recognise that much of the information we receive is private, commercially sensitive, or confidential. We take steps to preserve the confidentiality of such information and to provide the appropriate protections against disclosure unless we are required to do so by law.

When we share information

When we share information with other agencies we do so lawfully, with appropriate controls and consideration of confidentiality, and in accordance with any information sharing agreements. We may, for example, share information with:

  • another domestic agency, or complaints body
  • overseas agencies
  • another party in an investigation to test information
  • New Zealand Police, or other relevant agency such as the Inland Revenue Department, where the Commission obtains information that suggests serious criminal offending in New Zealand.

In addition, where we conduct an investigation in conjunction with another enforcement agency, we may provide information to that agency. Before providing another enforcement agency with confidential information in the course of a joint investigation, we will ensure that the other agency has provided appropriate assurances that it will:

  • keep the information confidential
  • use it only for the purposes for which it is provided.

External security consultants

We may engage external security consultants to gather information to support our regulatory compliance activities. Engagement of these consultants for information gathering is subject to an organisation policy requiring senior approval and is subject to robust contractual arrangements and an independent internal oversight function.

Any external security consultant engaged by the Commission to gather information will be a licensed private investigator and required to comply with Commission policies and procedures.

Official Information Act 1982

All information held by the Commission is subject to the Official Information Act 1982, which requires that information is made available unless good reasons exist to withhold it. Requests are considered on a case-by-case basis.

Information management

The Commission has a number of policies in place to ensure compliance with legislative requirements for information management in the public sector, such as the Public Records Act 2005, and these policies are supported with appropriate levels of training and guidance.

Find out more

You can find out more about our methods for information gathering for investigatory purposes in:

Make a complaint

If you believe we have not acted in accordance with this statement, find out how you can make a complaint against the Commission.