To: Department of Internal Affairs

I am writing to request information under the Official Information Act 1982 regarding the proposed legislation to restrict social media access for users under the age of 16.

Specifically, I am requesting copies of all advice, briefings, cabinet papers, or aides-mémoire provided to you or your office regarding the technical implementation of age verification, specifically covering the period from October 1, 2024, to present.

I request the following specific information:

1. Device-Based vs. Provider-Based Verification: Any documents outlining the comparative analysis between "Device-Based/OS-Level" verification (using Apple/Google APIs) versus "Provider-Based" verification (requiring platforms like Meta/TikTok to verify users).
Specific interest: I am seeking information on why the "Device-Based" model was rejected or not mandated, given its superior privacy characteristics.

2. Privacy Impact of ID Uploads: Any advice received regarding the privacy risks of the "Provider Liability" model, specifically concerning the likelihood of social media platforms requiring government ID uploads or facial biometrics from New Zealand adults and children to ensure compliance.

3. Australian Consultation: Any correspondence with the Australian Government or eSafety Commissioner regarding the privacy implications of their Online Safety Amendment (Social Media Minimum Age) Bill 2024, specifically regarding the use of third-party identity brokers (e.g., Yoti, k-ID).

Thank you for your response dated 12 February 2026 (Ref: OIA 2526-0812).

I note that you have refused this request under section 18(e) by referring to a previous response (OIA 2526-0676).

I am writing to specifically challenge the refusal of Part 3 of my request ("Australian Consultation").

1. Scope of Transfer vs. Scope of Search
You noted that this request was transferred from the Office of Hon Erica Stanford. However, the Minister's transfer correspondence explicitly stated that only Parts 1 and 2 (Technical Implementation and ID Uploads) were being transferred to the relevant agencies.

Part 3 (Australian Consultation) was not part of the formal transfer directive. As such, it appears possible that your office has included the text of Part 3 in your acknowledgment letter but has not actually conducted a search for it, relying instead on the previous refusal for Parts 1 and 2.

2. DIA’s Specific Mandate
The Department of Internal Affairs houses the Digital Safety Team and manages the relationship with the Office of Film and Literature Classification. These are the direct New Zealand counterparts to the Australian eSafety Commissioner.

It is highly probable that the DIA Digital Safety Team has received correspondence, briefings, or "FYI" notes regarding the Australian Online Safety Amendment (Social Media Minimum Age) Bill 2024, even if DIA is not the lead policy agency for the NZ equivalent.

3. Request for Specific Search
Please consider this a clarification of the request:
I am requesting that you specifically query the Digital Safety Team regarding Part 3.

Have they had any correspondence with the Australian eSafety Commissioner (Julie Inman Grant) or the Australian Government regarding their recent age verification legislation?

If you continue to refuse Part 3 under section 18(e), please confirm that the Digital Safety Team was specifically consulted on this question and confirmed they hold no records of any kind (including emails) regarding the Australian legislation.

I look forward to your confirmation.

To: Department of Internal Affairs
Date: March 22, 2026

I am writing regarding my correspondence dated February 17, 2026, in which I challenged the refusal of Part 3 of my Official Information Act request (Ref: OIA 2526-0812) and requested a specific search be conducted by the Digital Safety Team.

To date, I have not received an acknowledgement of this correspondence, nor have I received a decision regarding the clarified scope of my request.

Under section 15(1) of the Official Information Act 1982, your department is required to make and communicate a decision on a request "as soon as reasonably practicable, and in any case not later than 20 working days after the day on which the request is received." As more than 20 working days have now passed since my February 17 clarification, this response is legally overdue.

Please consider this my final notice. If I do not receive a substantive response regarding Part 3 of my request by 5:00 PM on Wednesday, 25 March 2026, I will lodge a formal complaint with the Office of the Ombudsman.

Specifically, I intend to file a complaint under section 28(3) of the OIA for undue delay in responding to a request, and for failing to meet the statutory timeframes set out in section 15(1).

I am simply seeking confirmation on whether the DIA Digital Safety Team has had any correspondence with the Australian eSafety Commissioner or the Australian Government regarding the Online Safety Amendment (Social Media Minimum Age) Bill 2024.

I look forward to your urgent reply.

Joshua Riley