MinterEllisonRuddWatts

Send us your feedback
In this episode, privacy law specialists Richard Wells and Suzy McMillan consider the legal framework governing data retention and destruction and how organisations can strike the right balance between regulatory compliance and commercial practicality in the age of big data.
[00:37] Richard and Suzy talk about the growing challenges organisations face in a data driven era, where the temptation to store information indefinitely can lead to significant privacy, security, and compliance risks.
[02:07] Richard and Suzy outline the regulatory framework that governs data retention, focusing on Information Privacy Principle (IPP) 9 of the Privacy Act 2020, which acts to restrict organisations from holding personal information longer than is required for its lawful use, and how this interacts with statutory minimum retention periods found in employment, tax, health and companies’ legislation.
[05:10] They consider how to determine when data should be deleted once those statutory minimums expire, focusing on IPPs 1, 5, 9 and 10 and what constitutes a “lawful use” for continued retention, emphasising the positive obligation on agencies to justify continued retention. 
[08:10] Suzy sets out some practical steps organisations can take to meet their compliance obligations, including establishing effective data retention policies and schedules that categorise data types, identify the legal basis for data retention, specify destruction methods and responsibility and prioritise high risk data such as personal, financial, and sensitive information.
[10:31] Richard highlights the importance of privacy by design in this context: embedding retention rules into new systems from the outset.
[14:25] They discuss recent incidents where organisations holding excessive legacy data found their exposure significantly amplified when a breach occurred, before closing with a practical reminder that the goal is balance - retaining information long enough to meet legal and business obligations, but not so long as to create unnecessary or disproportionate risk.
 
Information in this episode is accurate as at the date of recording, 5 March 2026.
 
Please contact Richard Wells, Suzy McMillan or our Privacy team if you need legal advice and guidance on any of the topics discussed in the episode. 
And don’t forget to rate, review or follow MinterEllisonRuddWatts wherever you get your podcasts. You can also email us directly at [email protected] and sign up to receive technology updates via your inbox here.  
 
Additional resources 
Privacy Act 2020
For show notes and additional resources visit minterellison.co.nz/podcasts

Send us your feedback
In this episode, Banking Senior Associate Emma Geard, speaks with Philip Bruno, Chief Strategy and Growth Officer at ACI Worldwide, about payments modernisation – what it is, why it matters for New Zealand right now, and the global lessons that can help guide successful implementation.
[01:14] Emma and Philip discuss ACI Worldwide's global role in payments modernisation, including its work providing payments infrastructure software and services to banks and central banks across more than 90 countries.
[02:04] They consider why payments modernisation is becoming increasingly important for New Zealand. Philip notes that although New Zealand has a strong and highly digital economy, its payments system has not fully kept pace, particularly in relation to instant payments. Emma and Philip discuss how modernisation would help ensure the payments ecosystem supports that digital strength, boosting economic growth, enabling faster everyday transactions, and positioning New Zealand to take advantage of future innovation.
[03:11] Emma and Philip explore the broader scope of payments modernisation beyond simply increasing speed. Philip explains that modern payment systems include not only instant, irrevocable fund transfers but also richer messaging and information layers that automate business processes delivering efficiency gains. He adds that modern infrastructure also paves the way for new consumer and commerce innovations, including fast peer to peer payments and seamless one click purchasing.
[05:45] Philip and Emma examine global adoption trends, highlighting Denmark as a standout success story whose approach to payment modernisation offers valuable lessons for other countries.
[07:48] Emma asks Phil about the most important  decisions that could aid New Zealand’s modernisation program. Phil outlines three key lessons from overseas: build with modern, modular infrastructure; prioritise the consumer and business applications that will drive adoption and real usage; and ensure incentives are aligned across the value chain so all participants have a sustainable business case to invest.
[10:01] Lastly, they talk about the importance of designing fraud architecture into the system from the outset rather than retrofitting it later, which has proved a challenge in other jurisdictions.

Information in this episode is accurate as at the date of recording, 9 March 2026.

Please contact Emma Geard or our Banking team if you need legal advice and guidance on any of the topics
For show notes and additional resources visit minterellison.co.nz/podcasts

Send us your feedback
For show notes and additional resources visit minterellison.co.nz/podcasts

Send us your feedback
In this episode, Partner Richard Wells and Senior Associate Sarah Redding from our Corporate and Commercial team discuss Heads of Agreement (HOA) and Letters of Intent (LOI), examining why parties turn to them, what can go wrong, and steps to take to ensure these preliminary documents work for you, rather than against you.
[01:09] Richard and Sarah explain how HOAs and LOIs function as preliminary documents, typically used in situations where there is commercial urgency to quickly define the parameters of a transaction, setting out the key commercial terms of a deal before the parties negotiate a full long form agreement.
[03:06] Sarah considers the commercial appeal of these types of documents - how their speed, flexibility, and ability to signal commitment can rapidly build deal momentum, but notes that this can come at a cost. She then highlights the major risk: the “gap problem,” where such high level drafting leaves out essential terms, creating uncertainty and exposing parties to unforeseen issues further down the track.
[04:19] Richard talks about the confusion that can arise around which parts of an HOA or LOI are legally binding and how this is legally determined.
[05:28] They discuss how signing an HOA or LOI can often slow momentum toward a full formal agreement, as early performance can create a “deal feels done” mindset. This can result in these preliminary documents governing the parties’ relationship for much longer than originally intended and a risk that they are locked into arrangements that were never intended to be the final word.
[07:43] Sarah outlines practical steps parties can take to protect themselves when entering into such documents, including evaluating whether an HOA or LOI is actually necessary in the first instance, being explicit about binding terms, using sunset clauses, and involving lawyers early.

Information in this episode is accurate as at the date of recording, 24 February 2026.

Please contact Richard Wells or our Corporate and Commercial team if you need legal advice and guidance on any of the topics discussed in the episode. 
And don’t forget to rate, review or follow MinterEllisonRuddWatts wherever you get your podcasts. You can also email us directly at [email protected] and sign up to receive technology updates via your inbox here.  
For show notes and additional resources visit minterellison.co.nz/podcasts

Send us your feedback
In this episode, Technology Partner Tom Maasland and Litigation Partner Andrew Horne examine AI through an insurance risk lens, discussing what insurers are most concerned about, how those concerns are evolving, and what professional firms and businesses need to do to stay insurable as AI use becomes mainstream.
[01:07] Tom and Andy reflect on how recent insurer conversations have shifted from traditional cyber security concerns to AI taking centre stage, with insurers increasingly focused on how AI related risks translate into real world liabilities and claims exposure.
[02:51] Andy talks through insurers’ concerns that professionals may place reliance on AI generated work without adequate human oversight, highlighting cases where hallucinated outputs have resulted in court sanctions, regulatory referrals, reputational harm, and financial loss.
[06:35] They then examine other examples of AI failures beyond the legal profession, noting some high profile examples from consulting, health, and retail where poorly supervised AI tools or use of AI has caused harm, embarrassment, or safety risks, reinforcing insurers’ fears about unintended consequences when AI systems lack adequate guardrails.
[09:44] Tom and Andy consider what happens when confidential and privileged information is entered into generative AI systems from an insurance risk perspective, prompting discussion on data training, contractual protections, enterprise grade closed circuit AI tools, and the growing risk of IP infringement or third-party confidentiality breaches.
[12:17] Andy discusses insurers’ expectations for clear AI guidelines and policies, staff training and human oversight, noting that despite increasing AI adoption, many New Zealand businesses are still well behind on risk frameworks and compliance as reported in Datacom’s 2025 State of AI Index Research Report.
[13:55] Lastly, they consider how AI insurers might assess AI risk in the future, highlighting that they are likely to follow the cyber insurance model, asking increasingly detailed questions about AI purpose, governance, security, provenance, and regulatory awareness, with potential impacts on premiums, exclusions, and coverage availability.
 
Information in this episode is accurate as at the date of recording, 30 January 2026.
 
Please contact Andrew Horne, Tom Maasland or our Litigation team if you need legal advice and guidance on any of the topics discussed in the episode. 
And don’t forget to rate, review or follow MinterEllisonRuddWatts wherever you get your podcasts. You can also email us directly at [email protected] and sign up to receive technology updates via your inbox here. 
 
Additional resources
Datacom's 2025 State of AI Index Research Report 
MinterEllisonRuddWatts publication: AI risks: What do insurers wa
For show notes and additional resources visit minterellison.co.nz/podcasts