Advises New Zealand Public Service on cautious use of GenAI, emphasizing data privacy, security, and ethical considerations. Prohibits using GenAI with sensitive or personal data externally. Stresses governance, transparency, and collaboration, especially concerning Māori data and interests.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is non-binding guidance using voluntary language ('recommend', 'encourage', 'suggest') with no formal enforcement mechanisms or legal penalties. It is interim advice from system leaders to support agencies in making informed decisions about GenAI use.
The document has good coverage of approximately 12-14 subdomains, with strong focus on privacy compromise (2.1), security vulnerabilities (2.2), false information (3.1), disinformation/surveillance (4.1), fraud/manipulation (4.3), overreliance (5.1), loss of agency (5.2), governance failure (6.5), goal misalignment (7.1), dangerous capabilities (7.2), lack of robustness (7.3), and lack of transparency (7.4). Coverage is concentrated in privacy, security, misinformation, human-computer interaction, and AI system safety domains.
This document primarily governs AI use within the Public Administration sector, specifically the New Zealand Public Service. It provides guidance for government agencies across all their functions and operations, with no specific focus on other economic sectors beyond public administration.
The document covers multiple lifecycle stages with primary focus on Deploy and Operate and Monitor stages. It addresses planning considerations, data handling, model use, validation requirements, deployment decisions, and ongoing monitoring. The guidance emphasizes governance throughout the lifecycle but is particularly detailed on deployment safeguards and operational monitoring.
The document explicitly focuses on Generative AI (GenAI) as its primary scope, with detailed definitions and examples. It mentions AI more broadly in context but does not explicitly address frontier AI, general purpose AI, task-specific AI, foundation models, predictive AI, open-weight models, or compute thresholds. The scope is clearly GenAI tools and systems used within the New Zealand Public Service.
Data, digital, privacy, procurement and security System Leaders; Government Chief Privacy Officer (GCPO)
The document is authored by System Leaders representing data, digital, privacy, procurement and security functions across the New Zealand Public Service, providing collective guidance on GenAI use.
Government Chief Privacy Officer (GCPO); agency senior leaders
The GCPO receives privacy impact assessments and policies for oversight purposes, while agency senior leaders are responsible for approving GenAI decisions and governance within their organizations. However, enforcement is advisory rather than punitive.
Government Chief Privacy Officer (GCPO); agency governance systems; Te Tiriti partners
The GCPO monitors through receiving PIAs and policies to identify support needs. Agencies are expected to establish their own governance and monitoring systems, with involvement of Te Tiriti partners where Māori data or interests are affected.
New Zealand Public Service agencies; public service procurement, data, digital, privacy and security leaders; public servants
The guidance explicitly targets New Zealand Public Service agencies and their functional leaders who are considering using or deploying GenAI tools in government operations.
15 subdomains (9 Good, 6 Minimal)