Your Daily Ten@10 - 2026/003

This is edition 2026/003 of the Ten@10 newsletter.

Hi all,

This is the Ten@10, where I collate and summarise ten news items you generally won't see in the mainstream media.

Enjoy!

• ⚠️ Ignored Warnings: Three Privacy Commissioners over 15 years — John Edwards, Liz MacPherson, and Michael Webster — repeatedly urged stronger penalties for privacy breaches, yet every call was ignored.
• 💰 Lobbyist Influence: A powerful lobbying network reframed privacy enforcement as “anti-innovation” and “red tape,” steering governments to protect industry profits instead of patient safety.
• 🏢 Digital Health Association (DHA): The main lobby group for health IT vendors (including Manage My Health) represents nearly all NZ health data and actively opposed “burdensome” privacy laws.
• 🧾 Smoking Gun Document: The DHA’s 2023 “Briefing to the Incoming Minister” explicitly warned against strong privacy regulations, calling them costly and anti-innovation — right before the 2026 data breach.
• 🔒 Code for Profit: Terms like “light-touch” and “innovation” masked demands for self-regulation to avoid paying for real cybersecurity measures like encryption and monitoring.
• 🏚️ Historical Parallels: Similar deregulation rhetoric caused past disasters — leaky homes, financial collapses, and Pike River. Now, health data joins the list.
• 🔁 Revolving Door: DHA board member Helen Lear also worked at Health NZ, a textbook case of regulatory capture that blurred lines between regulator and industry.
• 🧩 Captured Policy: DHA helped co-design the national Hira health data platform, shaping it to favour existing industry players rather than improve safety or competition.
• 🇦🇺 Australia’s Contrast: After massive breaches in 2022, Australia imposed AU$50 million penalties within weeks; NZ faced repeated breaches yet kept its $10,000 cap.
• 🐢 NZ’s Inaction: Major breaches in 2019, 2021, 2022, and 2026 resulted in no fines. Bureaucratic paralysis and captured policymaking left citizens unprotected.
• 📉 Democratic Failure: Watchdogs “barked,” but governments ignored them — preferring industry narratives that privacy rules “hurt innovation.”
• 🧠 Narrative Capture: Industry’s language of “burdensome regulation” became bipartisan orthodoxy, silencing advocates for accountability.
• ⚖️ Therapeutic Products Act Repeal: DHA’s biggest win — the 2024 repeal gutted oversight of digital health software, removing patient protections in the name of “cutting red tape.”
• 🤝 Bipartisan Complicity: Both Labour and National enabled the weak regime — Labour ignored reforms; National deepened deregulation under its “red tape cutting” agenda.
• 🧱 National Pathology: NZ repeatedly privileges corporate comfort over public safety — from buildings to finance to health data — a recurring failure of governance.
• 🕳️ Corruption by Omission: Not bribery, but deliberate neglect — documented choices to prioritise lobbyists over watchdogs, leaving 127,000 health records exposed.
• ❓ Accountability Question: The breach wasn’t a technical failure but a policy choice — raising the central question: Who is the Government really serving?