About OpenComply NZ
A shared standard for AI compliance and provider selection
OpenComply NZ is a plain-language framework summarising the compliance, privacy and security standards that apply to AI models and inference services in New Zealand. It is designed for two audiences: New Zealand organisations selecting a provider, and model and inference providers who want to enter the New Zealand market.
The framework combines HighFlyer's technology evaluation of AI providers, models, integrations and deployment options with ContinuityNZ's compliance assessment of privacy, security, continuity and regulatory obligations.
It separates the obligations of public sector agencies from those that apply to private businesses, because the two are governed by different instruments. New Zealand has deliberately chosen not to enact a standalone AI Act. Instead, AI is governed through existing laws, most importantly the Privacy Act 2020, supported by risk-based guidance.
The goal is to reduce compliance uncertainty so organisations can assess providers on their merits: capability, value, data protection and fit. A clearer framework helps avoid default lock-in to a small number of familiar vendors and gives local, smaller and specialist providers a fairer hearing.
OpenComply NZ also addresses the gap between chatbot-style AI pilots and integrated AI adoption. The larger opportunity is AI embedded into the systems people already use, from council services and small businesses to classrooms, clinics and front-line operations.
1. Shared legal foundation
Baseline obligations that apply to everyone
These apply to any public or private organisation using AI in a way that touches personal information.
Privacy Act 2020
The Privacy Act 2020 is the single most important instrument for AI in New Zealand. It applies whenever an organisation collects, uses, stores or discloses personal information, and it also applies to overseas providers doing business in New Zealand.
| IPP | What it requires | Why it matters when selecting an AI provider |
|---|---|---|
| IPP 1-4 | Collect personal information only for a lawful, necessary purpose; collect it fairly and, where possible, directly from the individual. | Do not feed personal data into a model for a purpose it was not collected for. |
| IPP 5 | Store information securely with reasonable safeguards. | The provider must offer strong technical and organisational security controls. |
| IPP 6 & 7 | Individuals can access and correct their information. | You must be able to locate, retrieve and correct data held or processed by the AI. |
| IPP 8 | Check accuracy before use. | Guard against AI hallucinations and inaccurate outputs about real people. |
| IPP 9-11 | Limits on retention, use and disclosure. | Confirm the provider will not train on, retain or re-disclose your data. |
| IPP 12 | Cross-border disclosure controls. | Most LLM providers process data offshore, making this the key provider-selection clause. |
| IPP 13 | Restrictions on unique identifiers. | Do not let the model assign or expose unique identifiers improperly. |
Mandatory breach notification
If a privacy breach is likely to cause serious harm, the Office of the Privacy Commissioner and the affected individuals must be notified as soon as practicable. Provider contracts should therefore give you fast visibility of any breach.
IPP 3A from 1 May 2026
The Privacy Amendment Act 2025 adds a new notification obligation when personal information is collected indirectly. This is relevant whenever an AI system ingests data from secondary sources rather than from the individual.
IPP 12: the make-or-break clause for LLMs
Storing or processing personal information on a server outside New Zealand counts as disclosure to an overseas party. Because nearly all major LLM providers process data offshore, IPP 12 is usually the deciding compliance test. IPP 12 permits such a disclosure only where at least one of the following applies:
- The receiving party is subject to privacy laws that provide comparable safeguards to the Privacy Act.
- The receiving party is in a prescribed country recognised as comparable.
- You have a contract, such as the model contract clauses, requiring comparable safeguards.
- The individual expressly authorises the disclosure after being told their information may not be comparably protected.
Practical note: prefer providers offering a Data Processing Agreement, a no-training commitment and, ideally, a data-residency or in-region processing option. The Privacy Commissioner publishes model contract clauses and a Principle 12 decision tree to help organisations meet this obligation.
Companies Act 1993
All businesses operating in New Zealand are required to register under the Companies Act 1993. Directors must act in good faith and in the best interests of the company, exercise care, diligence and skill, avoid reckless trading, and incur obligations only where they reasonably believe the company can perform them.
Financial markets conduct
The Financial Markets (Conduct of Institutions) Amendment Act 2022 came fully into force on 31 March 2025. Banks, insurers and non-bank deposit takers must be licensed for their general conduct toward consumers and maintain effective fair-conduct programmes.
Climate-related disclosures
New Zealand launched its climate-related disclosure regime in 2021. Large financial institutions and qualifying listed issuers must report annually on climate-related risks and opportunities.
Anti-money laundering and countering financing of terrorism
The Anti-Money Laundering and Countering Financing of Terrorism Act 2009 and its associated regulations remain the foundation of New Zealand's AML/CFT obligations, supervised by the Reserve Bank, the Financial Markets Authority and the Department of Internal Affairs.
Regulatory Standards Act 2025
The Regulatory Standards Act 2025 commenced on 1 January 2026. It establishes principles to guide the development of laws and regulations, including justification, economic benefit and fair compensation principles.
Hazardous substances and EPA requirements
Companies handling hazardous chemicals must register key business and product information and submit annual reports on substance quantities under the Hazardous Substances (Importers and Manufacturers) Notice 2015, as amended.
Māori representation and rights
New Zealand has Māori representation statutes covering Māori land, te reo Māori, separate Māori electorates and other rights and privileges relevant to public decision-making and data governance.
Other shared legal overlays
The Public Records Act 2005, Human Rights Act 1993, Copyright Act 1994, Fair Trading Act 1986, consumer law and the OECD AI Principles all remain relevant when AI affects records, people, creative works, consumer claims or public accountability.
2. Public sector
Additional requirements for agencies
Government departments and agencies, and to varying degrees Crown entities and local government, carry obligations beyond the shared foundation. These are largely mandatory for core public service agencies.
NZISM
The New Zealand Information Security Manual (NZISM) is the government's manual on information security. Public sector ICT systems must go through certification and accreditation before new technology, including AI services, is adopted, and again on an ongoing basis.
Protective Security Requirements
The PSR is the Cabinet-mandated framework covering governance, personnel, physical security and information security. Agencies must classify information and handle, store and dispose of it according to the Government classification system.
Cloud-First Policy and data sovereignty
Under the refreshed 2023 Cloud First policy, agencies are expected to use public cloud where appropriate, but must complete a risk assessment, address data sovereignty, and document where data is stored and processed.
Public Service AI Framework
The February 2025 Public Service AI Framework sits under the National AI Strategy and sets expected standards for continuous improvement, human-centred design, transparency, fairness, privacy, safety and security.
Te Tiriti and Māori data sovereignty
Treaty of Waitangi commitments and Māori perspectives should inform AI ethics, bias and data governance. Māori data is treated as taonga requiring culturally grounded protection.
Other public-sector instruments
GCPO privacy guidance, the Algorithm Charter and the Official Information Act 1982 shape how agencies document, explain and disclose AI-assisted work.
3. Private sector
What applies to businesses
Private businesses are not bound by NZISM, the PSR or the Public Service AI Framework. Their hard legal obligations come mainly from the Privacy Act 2020, supplemented by voluntary but strongly encouraged guidance.
Mandatory Privacy Act compliance
All 13 IPPs apply, with IPP 12 as the central test when offshore LLM providers process personal information. Businesses must appoint a Privacy Officer, honour access and correction requests, and comply with serious-harm breach notification.
Privacy Commissioner AI expectations
Senior leadership sign-off, a lawful purpose, a Privacy Impact Assessment, transparency, human review, and bias and accuracy checking are expected before AI is used with personal information.
Responsible AI Guidance for Businesses
New Zealand's voluntary July 2025 business guidance is structured around organisational readiness, data governance and AI-system-specific controls. It signals what regulators and boards regard as good practice.
Sector overlays
Financial services, health information, biometrics and other regulated contexts may add obligations from RBNZ, the FMA, the Health Information Privacy Code, the Biometrics Processing Privacy Code and other sector rules.
4. Public vs private at a glance
Which standards apply?
The table summarises whether each standard is mandatory, expected, voluntary or not applicable for each sector.
| Standard / requirement | Public sector | Private sector |
|---|---|---|
| Privacy Act 2020 + 13 IPPs | Mandatory | Mandatory |
| IPP 12 cross-border check | Mandatory | Mandatory |
| Mandatory breach notification | Mandatory | Mandatory |
| Appoint a Privacy Officer | Mandatory | Mandatory |
| Human Rights / anti-discrimination | Mandatory | Mandatory |
| NZISM certification and accreditation | Mandatory | Not required; useful reference |
| Protective Security Requirements | Mandatory | Not applicable |
| Cloud-First risk assessment | Mandatory | Not applicable |
| Public Service AI Framework | Expected, non-binding | Not applicable |
| GenAI Guidance for Public Service | Expected, non-binding | Not applicable |
| Te Tiriti / Māori data sovereignty | Required obligation | Encouraged good practice |
| Algorithm Charter | Voluntary for signatories | Not applicable |
| Responsible AI Guidance for Business | Useful reference | Expected, voluntary |
| Privacy Commissioner AI expectations | Expected | Expected |
| OECD AI Principles | Foundational | Foundational |
5. Practical checklist
Questions to ask before choosing an AI provider
Use these prompts before procurement, pilot approval or production rollout. The goal is to make provider risk visible before personal, sensitive or regulated data is introduced.
Decision focus
- 01 Is AI data governance documented, including data ownership, control, privacy, security, lawful sourcing, permissions, retention, deletion, auditability and transparency?
- 02 What third-party supply-chain risks sit behind the provider or model?
- 03 Where is data stored and processed? Is in-region processing or data residency available?
- 04 Does the provider commit in writing not to train on your data?
- 05 Is a Data Processing Agreement available with IPP 12-comparable safeguards, or model contract clauses?
- 06 What are the data retention and deletion terms? Can you delete on request?
- 07 How quickly are you notified of a security or privacy breach?
- 08 What certifications does the provider hold, such as ISO 27001, ISO 27701, ISO 42001 or SOC 2?
- 09 For public sector use, is NZISM-mapped documentation available?
- 10 Who owns the inputs and outputs, and what are the IP and copyright terms?
- 11 Can the system's decisions be explained and audited?
- 12 Have you completed a Privacy Impact Assessment for this use case?
- 13 Is there a human-in-the-loop review step for consequential decisions?
- 14 For public sector use, has the system been through certification and accreditation, and has Māori data sovereignty been considered?
References
Source material
Sources are numbered in the order they first appear in the original document. As New Zealand AI guidance is updated regularly, always confirm the current version.
1. Privacy Act 2020 https://www.legislation.govt.nz/act/public/2020/0031/latest/LMS23223.html
2. Privacy Principles: The 13 Information Privacy Principles https://www.privacy.org.nz/privacy-act-2020/privacy-principles/
3. Principle 12: Disclosure of Personal Information Outside New Zealand https://www.privacy.org.nz/privacy-principles/12/
4. Disclosing Personal Information Outside New Zealand https://www.privacy.org.nz/responsibilities/disclosing-personal-information-outside-new-zealand/
5. New Zealand Information Security Manual https://nzism.gcsb.govt.nz/
6. NZISM overview, National Cyber Security Centre https://www.ncsc.govt.nz/what-we-do/regulations-and-standards/nzism/
7. Information Security and the NZISM, Protective Security Requirements https://www.protectivesecurity.govt.nz/guidance/information-security/nzism
8. Public Service AI Framework 2025 https://docref.digital.govt.nz/nz/generative-ai-guidance-gcdo/public-service-ai-framework/2025/en/
9. Responsible AI Guidance for the Public Service: GenAI https://www.digital.govt.nz/standards-and-guidance/technology-and-architecture/artificial-intelligence/responsible-ai-guidance-for-the-public-service-genai/customer-experience/privacy
10. Library of Congress: New Zealand GenAI public service guidance https://www.loc.gov/item/global-legal-monitor/2025-05-15/new-zealand-new-guidance-released-on-generative-ai-use-in-the-public-service/
11. Māori AI Governance Framework https://www.kahuiraraunga.io/maoriaigovernance
12. AI and the Information Privacy Principles https://www.privacy.org.nz/assets/New-order/Resources-/Publications/Guidance-resources/AI-Guidance-Resources-/AI-and-the-Information-Privacy-Principles.pdf
13. New Zealand's AI Strategy: Investing with Confidence https://www.mbie.govt.nz/business-and-employment/economic-growth/digital-policy/new-zealands-ai-strategy-investing-with-confidence
14. Data Protection Laws of the World: New Zealand https://www.dlapiperdataprotection.com/index.html?t=law&c=NZ
15. Artificial Intelligence: Standards and Guidance https://www.digital.govt.nz/standards-and-guidance/technology-and-architecture/artificial-intelligence