AI Acceptable Use Policy (New Zealand)

New Zealand does not yet have specific AI legislation (as of 2025–2026), but several existing laws apply to workplace AI use. The Privacy Act 2020 applies to any AI tool that processes personal information — organisations must require that inputting personal data into AI tools complies with the Information Privacy Principles, particularly IPP 1 (collection for a lawful purpose), IPP 5 (data security), and IPP 10–11 (use and disclosure of information). The Copyright Act 1994 raises questions about AI-generated content ownership and whether using copyrighted material to train or prompt AI systems constitutes infringement. The Employment Relations Act 2000 and Human Rights Act 1993 are relevant where AI is used in employment decisions — algorithmic bias could expose employers to discrimination claims. The Evidence Act 2006 may affect the admissibility of AI-generated content in legal proceedings. The Commerce Commission's Fair Trading Act 1986 enforcement may apply where AI is used to create misleading content or advertising. New Zealand's Algorithm Charter (published by Stats NZ and adopted by various government agencies) establishes principles for transparent and accountable use of algorithms and AI in public sector contexts, which provide useful guidance for private sector AI governance too.

Whether employees can use AI tools like ChatGPT at work depends on the employer's AI policy. Without an explicit policy, employees may use AI tools in ways that create legal and reputational risks for their employer. Key risks include: privacy breaches — if employees input personal data about clients, colleagues, or other individuals into AI tools, this may breach the Privacy Act 2020 if the information is transmitted to third-party servers without appropriate consent or safeguards; confidentiality breaches — inputting confidential business information (trade secrets, client data, financial information) into public AI tools may expose that information to the AI provider's systems and potentially to third parties; intellectual property issues — AI-generated content may raise copyright questions under the Copyright Act 1994; accuracy risks — AI tools can produce incorrect or misleading information, and relying on unverified AI outputs can cause professional and legal harm; and reputational risks — publishing AI-generated content without review can damage organisational reputation. An AI Acceptable Use Policy should clearly state which AI tools are approved for which purposes, what information can and cannot be inputted, how AI outputs must be verified, and the consequences of misuse.

Ownership of AI-generated content in New Zealand is an emerging legal question. Under the Copyright Act 1994, copyright subsists in original works that are the result of human skill and effort. For computer-generated works (works generated by a computer without a human author), section 5(2) of the Copyright Act 1994 provides that the author is the person who made the necessary arrangements for the creation of the work. This suggests that the person who prompted or directed the AI tool to create content — the human user — may be treated as the author for copyright purposes in New Zealand, and if they created the content in the course of their employment, the employer would own the copyright. However, this analysis is uncertain and untested in New Zealand courts for modern generative AI. The AI tool provider's terms of service also affect ownership — some AI providers (such as OpenAI) grant users rights over AI-generated outputs, while retaining rights to use inputs for model training. New Zealand organisations should address AI content ownership in their AI Acceptable Use Policy and monitor developments in New Zealand and international intellectual property law in this area.

New Zealand's Algorithm Charter is a voluntary framework developed by Stats NZ (Statistics New Zealand) in 2020 for government agencies that use algorithms and AI in decision-making. Agencies that sign the charter commit to a set of principles for transparent, accountable, and fair algorithmic use, including: being transparent about when and how algorithms are used; embedding privacy and ethics in algorithm design; having a human in the loop for significant decisions; and managing the risks of bias. As of 2025–2026, the Algorithm Charter applies to government agencies that have adopted it — it is not legally binding on private businesses. However, the principles of the Charter provide a useful governance framework for private sector organisations that wish to use AI responsibly. New Zealand's Office of the Privacy Commissioner has also published guidance on automated decision-making and AI from a privacy law perspective, which is directly relevant to private businesses. The New Zealand government has signalled its intention to develop more thorough AI governance frameworks, potentially including legislation, in line with international developments such as the EU AI Act. Private businesses should monitor these developments and ensure their AI policies are adaptable.

A AI Acceptable Use Policy (New Zealand) does not legally require a lawyer in New Zealand, and individuals and businesses may draft and execute the document independently. The Companies Act 1993 does not mandate legal representation for the creation or signing of this type of document. However, seeking independent legal advice from a qualified New Zealand lawyer is recommended for transactions involving substantial financial value, complex regulatory requirements, or cross-border elements where multiple legal jurisdictions may apply. A lawyer can verify that the document complies with all applicable statutory requirements, identify potential risks specific to the transaction, and confirm that the terms adequately protect the interests of all parties involved. The High Court of New Zealand has jurisdiction over disputes arising from this type of document, and Companies Office may impose additional compliance obligations depending on the nature of the underlying transaction. Professional legal review is particularly advisable where the document will be submitted to government agencies or used as evidence in legal proceedings.