Privacy Act Training

The alignment between New Zealand’s Privacy Act 2020 and Roman Catholic teaching is found in the intersection of the dignity of the human person and the canonical protection of a person’s "good name" (bona fama).

While the Privacy Act is a secular instrument, its core principles—transparency, purpose-limitation, and individual access—resonate deeply with Catholic moral theology and the legal protections afforded to the faithful under the Code of Canon Law (1983).

1. Theological Justification: Human Dignity and Stewardship

Catholic social teaching (CST) argues that the human person is not merely a data point but an image of God (Imago Dei).

• The Right to Interiority: St. Thomas Aquinas and later theologians emphasize that a person has a right to a "private sphere" where they can relate to God and others without state or social intrusion. Privacy is seen as a necessary condition for the exercise of free will.

• Subsidiarity and Personal Agency: The Privacy Act grants individuals the right to access and correct their information (Principle 6). Theologically, this mirrors Subsidiarity, which holds that individuals should have control over matters that affect them most closely. By giving a person "ownership" over their data, the Act respects their agency.

• Truth and Justice: The Eighth Commandment ("Thou shalt not bear false witness") provides a moral mandate for data accuracy. If a diocese, school or parish holds incorrect data that harms a person’s reputation, it violates the theological requirement for Truth.

2. Canon Law Justification: Protection of Reputation

The Code of Canon Law (CIC) contains specific "Rights of the Faithful" that provide a legal framework strikingly similar to the New Zealand Privacy Act.

• Canon 220: The Right to Privacy and Reputation:
  "No one is permitted to harm illegitimately the good reputation which a person possesses nor to violate the right of any person to protect his or her own privacy (intimitas)."
  This is the "privacy anchor" of the Church. It explicitly forbids the disclosure of information that would damage a person's standing in the community, paralleling the Privacy Act’s focus on preventing the "misuse" of personal information.

• Canon 489 & 490: Secret Archives:
  The Church maintains strict rules on who can access information and for what purpose. This aligns with Principle 11 of the NZ Privacy Act (Limits on disclosure), ensuring that sensitive information (like internal disciplinary matters or "forum internum" issues) is not shared beyond its specific purpose.

• The Seal of the Confessional (Canon 983):
  While the NZ Privacy Act has certain "Law Enforcement" exemptions, Canon Law holds an absolute protection for the "Seal." The Church justifies this by stating that the highest law is the salvation of souls (salus animarum), which requires total privacy in the sacramental encounter.

3. Church teachings in the catechism on respect for the truth and offences against truth: 

The Catechism of the Church also teaches about truth (no. 2475), not to bear false witness (no. 2476), having respect for the reputation of persons and not to cause them unjust injury (no. 2477) and that offences committed against justice and truth entails the duty of making right the wrong (no. 2487). These teachings are in line with Canon 220 from the Code. In modernity, Information privacy principles in the Privacy Act also protect such rights to ensure the lifecycle of personal information held by organisations are used lawfully, are accurate and correct, is not unlawfully accessed or disclosed causing harm to its owner, and enables the public to access to redress through proper procedural channels. Once more we see both civil and church principles walking in harmony with one another.

4. Synodality and co-responsibility: 

The Church’s mission is the salvation of souls. Synodality requires the church to journey together in its life and mission, there is co-responsibility from all baptised persons to share in this mission and all actively participate in decision making and leadership. Quoting Msgr Brendan’s article on “Implementing Synodality in Aotearoa”, “A synodal church is a participatory and co-responsible Church. How does our Church community identify the goals to be pursued, the way to reach them and the steps to be taken?  How is the authority or governance exercised within our local Church? How are teamwork and co-responsibility put into practice? How are evaluations conducted and by whom?” (chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.tekupenga.ac.nz/wp-content/uploads/2025/02/Implementing-Synodality-in-Aotearoa-02.25.pdf)

This is in line with practices in modern data protection and privacy principles, where “privacy is everyone’s responsibility”. (https://www.privacy.org.nz/resources-and-learning/a-z-topics/protecting-children-and-young-peoples-privacy/childrens-privacy-guidance-for-the-education-sector/chapter-3-privacy-is-everyones-responsibility/#:~:text=The%20person%20accountable%20for%20compliance,day%2Dto%2Dday%20work.) While organisations must have good governance, systems, policies and procedures in place, individuals and the community in general also play an important role in protecting their own personal information and to respect the privacy rights of others. This is as Jesus once said in Matthew 22:39, “ Love your neighbour as yourself.”, emphasising the importance of treating others with respect and love as they too are human beings possessing human dignity and the image of God.

5. Pope Leo: The Church recognises that it does not live in a static world, with technology comes advancement that may impact on rights of the persons. We are blessed with a Pope that is very in tune with digital advancements. Pope Leo in his message for the 60th World Day of Social communications highlights the “need to protect human dignity in an age increasingly shaped by technological innovation”. He highlights “collaboration amongst institutions and sectors are required to guide digital innovation toward the common good.” (https://www.vaticannews.va/en/pope/news/2026-01/pope-leo-xiv-messsage-world-day-social-communications-ai-human.html) “The task laid before us is not to stop digital innovation, but rather to guide it and to be aware of its ambivalent nature. It is up to each of us to raise our voice in defence of human persons, so that we can trly assimilate these tools as allies….No Sector can tackle the challenge of steering digital innovation and AI governance alone. Safeguards must therefore be put in place. All stakeholders – from the tech industry to legislators, from creative companies to academia…must all be involved in building and implementing informed a responsible digital citizenship.” Pope Leo’s message supports synodality, co-responsibility and collegiality of all parties to ensure humanity and its rights are protected as the world moves forward.

6. Digital Rerum Novarum – As the world becomes more digitally reliant, the Pontifical Academy of Social Sciences recently published their conference paper themed “Digital Rerum Novarum: Artificial Intelligence for Peace, Social Justice, and Integral Human Development”. The document addresses, amongst other things, “the issue of ethical management of data that respects privacy…cybersecurity and risk mitigation; and the development of skills needed for employment in the AI era.” (https://www.vaticannews.va/en/vatican-city/news/2025-10/digital-rerum-novarum-conference-vatican-ai-peace-justice-develo.html)

7. Synthesis of Church and State: The Privacy Act as a Tool for the "Common Good"

The Church teaches that the state has a duty to protect the Common Good. In a digital age, the Common Good includes protection from identity theft, surveillance, and data commodification.

NZ Privacy Principle | Catholic Theological/Canonical Parallel

Principle 1 & 2 (Collection) | Stewardship: Information should only be gathered for a "just cause."

Principle 6 & 7 (Access/Correction) | Justice: The right to ensure one's "Good Name" (Bona Fama) is accurately reflected.

Principle 11 (Disclosure) | Canon 220: Protection of Intimitas (Privacy) from illegitimate harm.

The "Why" that justifies Catholic institutions (like a parish, school or Diocese) strictly following the NZ Privacy Act 2020, is twofold:

1. Civil Obedience: Following the law of the land (Rom 13:1).

2. Moral Duty: We protect data not just because the law says so, but because protecting a person’s information is an act of Charity and Justice that respects their God-given dignity.

Completing Modules

Step 4: Choose Your Module

• Once logged in, you will see the "Course Catalogue."

• Click on the recommended module - Privacy ABC, Privacy 101 and Breach Reporting.

• Click the "Enrol me" button to start.

Step 5: Complete and Download Your Certificate

• Work through the interactive slides and the short quiz at the end.

• Once you pass the quiz, a Certificate of Completion will be generated. Please keep a record of these to varify your induction.

Tips to help with your journey:

• Save as you go: You don't have to finish the module in one sitting. The system will save your progress if you need to close the browser.

• Browser Compatibility: These modules work best in Google Chrome or Microsoft Edge. If a video doesn't play, try refreshing the page.

• Time Commitment: Privacy 101 usually takes about 30–45 minutes to complete.