Public Annotation – OPC Clarification Request (Overlapping OIA Requests)

This correspondence from the Office of the Privacy Commissioner (OPC) does not constitute a substantive response to the information requested. Instead, it is a procedural clarification request regarding the relationship between two OIA requests submitted via FYI.org.nz.

The OPC has asked whether a second request replaces an earlier request, noting that the later request appears to cover similar subject matter but over a broader timeframe.

Key observations:

1. Procedural Status – Request Not Yet Determined
This response indicates that the request is currently in a clarification phase. It has not been:
• granted
• refused
• transferred
• or formally extended

Processing is effectively paused pending clarification from the requester.

2. Overlap Identification by Agency
The OPC has identified that:
• the second request overlaps with the first request
• the second request appears broader in temporal scope

This suggests that the agency is attempting to:
• consolidate workload
• avoid duplication of effort
• ensure clarity of scope before proceeding

3. Implications for Timeframes
Under the Official Information Act 1982, agencies may seek clarification where requests are unclear or overlapping.

Where clarification is required:
• the statutory timeframe may be paused or reset upon clarification
• delays at this stage are procedural rather than substantive

4. Strategic Interpretation
This type of response is common where:
• multiple related requests are submitted in close succession
• requests evolve in scope during an ongoing inquiry
• agencies are attempting to manage cumulative request burden

It does not indicate that the request is problematic or likely to be refused.

5. Research and Investigation Implications
For researchers and investigators, this exchange highlights:
• the importance of clearly defining whether follow-up requests replace or supplement earlier requests
• how agencies interpret overlapping requests administratively
• the need to maintain clarity of scope across iterative OIA strategies

6. Recommended Approach for Requesters
To progress the request efficiently, clarification should:
• explicitly confirm whether the second request replaces or supplements the first
• clearly define the intended timeframe and scope
• minimise ambiguity to avoid further procedural delays

7. System-Level Observation
This interaction reflects a broader pattern in OIA practice:
• agencies prioritise clarity and manageability of requests before substantive processing
• overlapping or iterative requests are often consolidated where possible

While procedural in nature, these exchanges can affect:
• response timelines
• scope of information ultimately released

This annotation is intended to assist future readers in understanding the procedural stage of the request and the role of clarification in OIA processing.

Public Annotation – Clarification of Dual OIA Requests (Smart Meter Privacy, Consent, and Governance)

This annotation clarifies the relationship between two Official Information Act (OIA) requests submitted to the Office of the Privacy Commissioner (OPC) in March 2026 concerning smart meter data, privacy status, inferred behavioural data, and regulatory oversight.

The OPC has asked whether the second request replaces the first. This annotation confirms that the second request supplements and extends the first, rather than replacing it.

1. Structure of the Two Requests

The requests should be understood as a staged investigative approach:

• Request 1 (6 March 2026):
Focus: Smart meter data, privacy governance, consent, complaints, and regulatory oversight
Timeframe: From 1 January 2020 onwards

• Request 2 (13 March 2026):
Focus: Privacy status of smart meter data, inferred behavioural data, profiling, and regulatory safeguards
Timeframe: From 1 January 2015 onwards

The second request expands both:
• the timeframe (extending back to 2015), and
• the analytical focus (specifically targeting whether smart meter data constitutes personal information and supports behavioural inference or profiling)

2. Why the Requests Are Complementary

The first request establishes the governance and complaint-handling framework.

The second request deepens the inquiry into:
• the legal classification of smart meter data under the Privacy Act 2020
• whether behavioural patterns can be inferred from such data
• how consent and safeguards are applied in practice

Together, the requests form a layered investigation:
• governance → classification → safeguards → oversight

3. Research Value for Followers

For those following this thread, the dual-request structure is important because it:

• prevents premature narrowing of scope
• allows comparison between recent governance practices (post-2020) and earlier regulatory development (from 2015)
• enables identification of shifts in policy, interpretation, or enforcement over time

4. Link to Wider OIA Work (Cross-Thread Context)

This request should be read alongside related OIA threads concerning smart meters, EMF exposure, and regulatory responsibility:

• Smart meter RF/EMF public health assessment and inter-agency correspondence:
https://fyi.org.nz/request/34077-smart-m...

• Executive allocation of responsibility for smart meter RF oversight:
https://fyi.org.nz/request/33836-executi...

• Scientific advice or reviews concerning RF exposure (ESR / MoH transfer context):
https://fyi.org.nz/request/33832-scienti...

These threads collectively examine:
• public health risk assessment (RF/EMF)
• regulatory responsibility allocation
• scientific advisory pathways
• and now, privacy classification and consent governance

5. Governance Insight Emerging

Across these linked requests, a broader pattern is being examined:

• technical systems (smart meters) generate granular usage data
• multiple agencies hold partial responsibility (health, energy, privacy, science)
• but no single, clearly defined governance framework appears to integrate:
– public health risk
– privacy classification
– consent mechanisms
– and oversight accountability

6. Why the OPC Request Matters

The OPC sits at a critical junction in this ecosystem because it determines:

• whether smart meter data is considered “personal information”
• whether inferred behavioural patterns fall within privacy protections
• whether consent mechanisms are adequate
• how complaints are assessed and escalated

This request therefore targets the legal and regulatory foundation of data use, rather than the technical system itself.

7. OIA Strategy Note for Future Researchers

This dual-request approach reflects a common investigative method:

• initial request establishes governance structure
• follow-up request expands scope and tests legal interpretation
• both are retained to preserve evidential completeness

Where agencies seek to consolidate or narrow requests, clarification is important to maintain the full investigative framework.

---

This annotation is provided to assist followers, researchers, and investigators in understanding the structure, intent, and broader context of these requests within ongoing examination of smart meter governance in New Zealand.

Annotation: Regulatory Scope and Record Availability – Smart Meter Privacy

This response confirms that the Office of the Privacy Commissioner:
• recognises that smart meter data may constitute personal information when linked to an individual,
• acknowledges that such data can reveal detailed patterns of behaviour and lifestyle,
• has engaged historically on smart meter privacy issues through case notes and submissions.

However, the response also indicates that:
• no records are held assessing whether existing privacy law adequately addresses inferred or behavioural information derived from smart meter data, and
• inter-agency correspondence and internal analyses are not available due to statutory secrecy obligations.

This suggests that while privacy risks are recognised at a conceptual level, there is limited accessible evidence of:
• ongoing regulatory analysis,
• system-level governance of inferred data risks, or
• coordinated inter-agency oversight.

The response therefore appears to reflect a distinction between:
• acknowledged privacy implications, and
• the availability of operational or analytical records addressing those implications.