Well how important is your privacy to you? And if it's breached, how long should you wait to hear from the people who breached it?

Facebook's Mark Zuckerberg broke five long days of silence yesterday to admit mistakes over the Cambridge Analytica scandal - he's known about it for ages of course but waited for the story to break before responding - and to outline steps to protect user data going forward.

But is it too little too late? Well it surely is for the 50 million Facebook users whose data has already been mined and used.

Zuckerberg stopped short of apologising - and some would argue removed himself from taking any responsibility by referring to the scandal as something that "happened" rather than anything Facebook "did".

Advertisement

One critic, a chairman of a crisis management company, gave Zuckerberg a B- grade for his response. Too little, too late.

So where does this leave us here in New Zealand? Well the Cambridge Analytica nightmare has prompted investigations in Britain, Canada and the US.

Australia, as of last month, updated its legislation around data breaches so as to hold companies more accountable. But what's happening here?

Well despite New Zealanders' historically very trusting online behaviour, we actually have very little protection.

There are privacy laws which may cover bits and pieces, but in terms of actual cut and thrust legislation to hold companies holding our information to account, we don't have any.

Not yet. Pressure is of course mounting, and laws will be coming - but when?

And in the meantime, how safe is our information online?

It seems sad that despite living in the internet age and raising a generation who'll never know a life outside of Google and the worldwide web, we have to wait for a scandal to hit before adequately regulating and protecting ourselves.

To assume the best of companies, and to expect our online information to be safe is I suppose a basic expectation, but it's possibly also naive and unrealistic.

Even with good intent, some companies can't, or don't know how to, fully protect that information from being harvested. Smaller companies in particular would likely struggle. But all of those reasons are not enough to stop NZ from legislating some protection.

It may not stop it happening here, but it would certainly hold companies to account and help them stay focused on data protection.

In the meantime, whether it has a chilling effect on how much we share online remains to be seen. But I'd like to think that instead of waiting for a similar scandal to hit us, we can now proactively regulate some way of giving online users the basic respect they deserve - a right to privacy.