Sorry if this has been raised elsewhere.
I am doing a quick research assignment for uni and was hoping to find out a few things. My assignment is on electronic communications. Specifically on the storage and perceptions of overload side of it but anything is useful.
Firslty, are there any regulations in NZ similar to the Public Records Act 2005 that regulate how long digital records are kept or what types of communications should be kept. I have heard stories that the US does but so far havent found anything relating to NZ.
Secondly does anyone know what an average corporate entity in NZ would require in terms of server capacity.
There are a number of common law and statutory requirements for retention of records. These include, for example,
the common law duty to preserve discoverable evidence when one is sued or has a "reasonable" expectation of being sued;
For Government entities, the Public Records Act;
For Corporations & Companies, the Companies Act and specific regulations;
for everyone, various acts pertaining to taxation and auditing / verification of information provided on tax returns;
recofds of business transactions necessary to verify the transaction.
There are, in addition, specific constraints on the retention of some types of records / and informantion. For example, personal information (information which does / may identify a natural person) can be retained and used only for the purpose provided (there are exceptions for some information provided to governmental authorities), and can be retained only for so long as reasonably necessary for that original purpose.
This means, for example that communications providers can retain information concerning communications for billing purposes only so long as the resulting billing may be disputed. They can collect billing-oriented information about individual communications or sessions, but they cannot, absent a warrant, collect (or even intercept, for that matter) the content of the communications.
There are several acts which cover this, but the main ones are the Privacy Act and the various portions of the Telecommunication Act(s).
Communications providers who provide services to the public must provide facilities to facilitate lawful interception of communications (including data communications) by authorised law enforcement agencies when authorised / directed by warrant or other specific statuatory authority (e.g. by the security services on authorisation by the Prime Minister acting as the Minister responsible for the SIS). These facilities may be used only under specific authorisation. This, interestingly, could raise questions about the legality of the use of, for example, Deep Packet Inspection (DPI) technologies and the collection, retention and use of some types of server logs by ISPs and telecommunications service providers in New Zealand...
I'm sure that this isn't a complete view of the requirements, but might give you a place to get started.