Dear Office of the Privacy Commissioner,

Pursuant to the Official Information Act 1982, I request the following information relating to the US “Management of Individuals’ Neural Data Act of 2025” (MIND Act), introduced in the US Senate on or around 24 September 2025 by Senators Maria Cantwell, Chuck Schumer, and Edward Markey.

This bill directs the Federal Trade Commission (FTC) to establish privacy standards for neural data collected via neurotechnology (e.g., brain-computer interfaces), emphasizing consent, transparency, security, and prohibitions on unauthorized government collection of brain activity data.

The MIND Act arises amid growing concerns over the privacy risks of emerging technologies that interface with the human brain, potentially including wireless-enabled devices. In a New Zealand context, this raises questions about alignment with our Privacy Act 2020 (including recent amendments like IPP3A under the Privacy Amendment Act 2025), the new Biometric Processing Privacy Code 2025, digital innovation strategies, and oversight of radiofrequency (RFR)/electromagnetic field (EMF) exposures under standards like NZS 2772.1:1999, particularly as neurotech may intersect with 5G/smart meter ecosystems and biometric data processing.

Please provide:

Any internal briefings, policy advice, or guidance generated by the Office of the Privacy Commissioner (or interagency correspondence with the Ministry of Business, Innovation & Employment, Ministry of Justice, Ministry of Health, or other relevant bodies) since 1 January 2024 regarding the MIND Act, including:
Assessments of its implications for NZ privacy laws, biometric regulations, or neurotechnology oversight (e.g., potential extensions of the Biometric Processing Privacy Code to neural data).

Discussions on adopting similar safeguards for neural data in NZ (e.g., consent requirements for BCI data collection, transparency in indirect data gathering under IPP3A, or prohibitions on unauthorized access).

Records of any reports, investigations, or consultations commissioned or undertaken by the Office of the Privacy Commissioner aimed at investigating privacy risks, ethical standards, or compliance requirements for neural data collection via neurotech, including summaries, findings, and any related public consultations (2015–2025).

Any advice papers or risk evaluations on the privacy implications of integrating neural data technologies with existing NZ infrastructure (e.g., smart meters, 5G networks), including assessments of consumer privacy risks under the Privacy Act 2020 or comparative analyses to international standards.

Copies of correspondence between the Office of the Privacy Commissioner and US counterparts (e.g., FTC) or international bodies (e.g., OECD, Asia-Pacific Privacy Authorities Forum, Five Eyes partners) relating to the MIND Act, global neural data governance, or emerging technologies like AI and biometrics.

If any part of this information is withheld, please state the exact grounds under the OIA (specifying the subsection) and explain the public interest test applied under section 9(1). Please respond electronically within the statutory timeframe.

This request is made in the public interest to promote transparency on how NZ is preparing for neurotechnology’s privacy challenges, especially given the MIND Act’s focus on protecting brain data from exploitation and recent NZ developments like the Biometric Processing Privacy Code.

Kind regards,
Spencer Jones