International Cooperation

Context

AI governance is inherently global — the models, the compute infrastructure, the training data, and the corporate entities developing frontier AI are distributed across jurisdictions in ways that no single country can govern unilaterally. New Zealand cannot regulate AI in isolation, but we can build regulatory frameworks that are coherent, credible, and compatible with allies — and we can use our diplomatic networks strategically to punch above our weight.

OECD AI Principles

New Zealand was among the 36 countries that adopted the OECD Principles on Artificial Intelligence in May 2019 — the first intergovernmental standard on AI, and still the most widely referenced framework globally. The Principles commit member governments to AI that is inclusive, transparent, robust, secure, safe, and accountable. They are non-binding but politically significant: the G20 subsequently adopted equivalent principles, extending their reach to the world's largest economies.

NZ's challenge is translating OECD principle-level commitments into domestic law. Most OECD members have made limited statutory progress. The EU is the exception; its AI Act, which entered into force in 2024, is the world's first binding AI-specific legislation. NZ exporters and service providers operating in EU markets — particularly in health technology, financial services, and professional services — will be subject to the AI Act's requirements regardless of where they are incorporated. This creates a de facto compliance impetus: NZ firms exporting to Europe will need to meet AI Act standards, and it is more efficient for NZ domestic regulation to align with those standards than to require dual compliance frameworks.

EU AI Act: Implications for NZ

The EU AI Act's risk-tiered approach (prohibited, high-risk, limited-risk, minimal-risk) provides a workable template for NZ's own regulatory framework. Key implications for NZ:

Export market access. NZ AI products classified as "high risk" under the Act (CV screening tools, credit scoring, critical infrastructure management, medical devices, law enforcement applications) must comply with EU requirements — conformity assessment, technical documentation, human oversight, and registration — before entering the EU market. NZ firms without an EU establishment must appoint an authorised representative. This is a compliance burden, but also an opportunity: firms that build to EU AI Act standards have a credible signal for other regulated markets.

Regulatory alignment reduces friction. If NZ adopts a risk-tiered framework broadly compatible with the EU AI Act, it reduces the cost of dual compliance for exporters and positions NZ as a trusted jurisdiction from which EU-compliant AI services can be delivered. This is directly analogous to NZ's GDPR-adequacy relationship on data protection — the Privacy Act 2020 was designed in part to maintain adequacy status.

APEC and Digital Economy Agreements

Through APEC, NZ participates in the APEC AI Principles framework and the Cross-Border Privacy Rules (CBPR) system. APEC's AI work is less developed than the OECD's but increasingly relevant given NZ's trade orientation toward Asia-Pacific.

More commercially significant are NZ's bilateral Digital Economy Partnership Agreements. The DEPA (Digital Economy Partnership Agreement) between NZ, Singapore, and Chile — signed in 2020 and the world's first standalone digital trade agreement — includes provisions on AI governance, committing parties to promote trustworthy AI consistent with OECD principles, and to cooperate on AI standards development. Singapore's model AI governance framework, developed by IMDA, is technically detailed and practically oriented; NZ should draw on it alongside the EU and Canadian models.

CPTPP digital provisions (Chapter 14) protect cross-border data flows and prohibit data localisation requirements among member states — provisions that create some tension with data sovereignty goals. NZ should engage proactively in CPTPP review processes to ensure these provisions are read compatibly with legitimate public interest carve-outs for sensitive data categories, consistent with how trade agreements have historically handled prudential banking regulations.

Trans-Tasman AI Cooperation

Australia is NZ's closest regulatory partner and the natural starting point for bilateral AI cooperation. Australia's AI Ethics Principles (2019) closely parallel NZ's Algorithm Charter commitments. The Australian Government's 2023 Safe and Responsible AI discussion paper and subsequent mandatory guardrails for AI in high-risk settings signal a maturing regulatory posture that NZ should track closely.

A concrete proposal: a Trans-Tasman AI Regulatory Sandbox modelled on the existing arrangement between ASIC and the FMA (financial regulators). This would allow companies to test AI products in both markets under a coordinated supervisory framework, reducing the cost of trans-Tasman expansion for responsible AI developers while enabling regulators to share learnings. Given CER's existing infrastructure for mutual recognition of standards and professional qualifications, the institutional plumbing for such a sandbox already exists.

Five Eyes and Intelligence Considerations

NZ's membership in the Five Eyes intelligence alliance creates both obligations and constraints for AI governance. Intelligence community AI use — for signals intelligence, targeting, border security — operates under classified frameworks that are not subject to the same transparency requirements as civilian AI. NZ should ensure that domestic AI governance legislation explicitly addresses the intelligence context: oversight mechanisms (such as the Inspector-General of Intelligence and Security's role) should extend to AI systems used by the NZSIS and GCSB, not be carved out as a national security exception.

Five Eyes AI cooperation also raises questions about interoperability of AI-assisted surveillance infrastructure. NZ should participate in these frameworks where they serve legitimate security purposes, while maintaining clear domestic standards for what AI-assisted intelligence activities are permissible — and ensuring those standards are reviewed by appropriate democratic oversight bodies, not solely by the agencies themselves.

Pacific Islands Forum: NZ's Regional Obligations

Many Pacific Island nations face the impacts of AI-driven economic disruption — particularly in tourism, remittances, and export processing — without the institutional capacity to govern AI themselves. NZ has obligations under the Pacific Islands Forum's 2050 Strategy for the Blue Pacific Continent to support Pacific development, including in digital governance.

Concretely, NZ should: offer technical assistance to Pacific nations developing AI governance frameworks; advocate for Pacific voice in international standard-setting bodies including the OECD and ISO; ensure that NZ sovereign inference infrastructure is available to Pacific governments for sensitive government workloads on terms that build local capability rather than dependency; and include digital governance in the agenda of Pacific-NZ bilateral development partnerships.

NZ as a "Trusted AI Jurisdiction"

NZ's combination of political stability, strong rule of law, renewable electricity grid, geographical distance from major geopolitical fault lines, and demonstrated commitment to human rights creates a genuine opportunity: positioning as a trusted AI jurisdiction for global services.

This means being a place where AI-intensive services — healthcare AI, legal AI, financial AI — can be developed and delivered under governance frameworks that clients in regulated markets (EU, UK, Australia, Japan) can rely on. It is analogous to NZ's existing strengths in financial services (NZX, fund management) and legal services: reputation for integrity commands premium access to regulated global markets.

Realising this opportunity requires regulatory credibility. A NZ AI Ethics Act, a functional AI regulator with genuine independence, and demonstrated enforcement — not just principle documents — are prerequisites. The reputational dividend from getting this right is larger than it might appear: as the global AI governance landscape fragments between US permissiveness and EU stringency, a credible mid-market jurisdiction with aligned-but-not-subordinate regulatory standards becomes valuable infrastructure for international commerce.