Our transparency report is out!

Each year we release the Domain Name Commission Transparency Report to help the public understand what actions we take that have a potential impact on user’s rights and also release figures on the uptake of the .nz privacy option. 

As a Wellington, New Zealand-based charity, we are subject to the Privacy Act 2020 (New Zealand legislation). The Commission may be subject to requests for information from third parties under principle 11(e) of the Privacy Act which permits release of information on the basis of maintenance of the law. 

What is a transparency report?

A Transparency Report helps the public understand what actions an agency takes that may have a potential impact on user’s rights and will include information regarding disclosure of personal information. 

Our report includes every request we had for personal information between 1 July 2021 and 30 June 2022. This includes requests we receive for our domain name holder’s personal information that can’t be accessed through a .nz query search.

Key Stats from our 2022 Transparency Report

• 101,336 domain names have the individual registrant privacy applied (as at 30 June 2022) which is up from 96,360 (as at year end 30 June 2021).
• Requests for data from third parties were 2 in the year ending 30 June 2022. The previous year there had been 1. 
• No Requests from the New Zealand Police were received.
• There were 175 domain name suspensions for invalid registration details.

Read the full 2021/2022 Transparency Report.

Why do we share data with third party agencies?

It is very rare for the Commission to receive requests from third parties for personal information. 

The Commission will share personal information when we are permitted or required by law and it’s part of minimising harm to the public or individuals. We may share personal information with law enforcement agencies, particularly those with the objective of helping keep the .nz domain name space safe, trusted, and secure. 

Regulators, law enforcement agencies, and some Government agencies may request personal information such as domain name audit history from time to time to help them uphold their legal obligations.  

Under a production order, we have to provide whatever the production order specifies, and with a request under principle 11(e) of the Privacy Act, we’re able to work with the requestor to be sure the request is narrow and relevant and only provide exactly what they need.  

We also have the ability to push back on requests under the Privacy Act if we believe the request is too broad.

How we protect your personal information and data

We are committed to balancing the free flow of publicly available .nz registration data through our public search function of the .nz register with respecting individual privacy applied to a .nz domain name holder’s registration record. 

We are currently implementing InternetNZ further policy reforms to strengthen privacy as part of the end to end .nz policy reform. Importantly, from 1 November 2022, a domain name holder’s contact email will no longer be displayed when the privacy option is applied. You can read about the proposed privacy changes to the .nz rules on the InternetNZ website.

We only release information when it’s lawfully requested of us under New Zealand law and we consider it appropriate.  

We have strong data privacy protection measures and security to keep information safe and secure.  

In addition to reviewing our annual transparency reports, we encourage you to learn more about the steps we’ve taken over the year to keep .nz fair for everyone by checking out our annual report, our shopsafe webshop and partnerships we are building with the online safety community to keep members of the public safe online.