Question
We understand that we will need to report on the number of product data requests received, once we go live with Get Products and Get Product Detail APIs in July 2020.
Is there any additional reporting expected for Get Products and Get Product Detail Application Programming Interface's (APIs)? Specifically:
- Do we need to report on complaints from CDR consumers (items 2–7 on the reporting form)? If yes, what would be a hypothetical scenario when a CDR consumer would complain about Get Products and Get Product Detail APIs, considering both these APIs don’t expose any CDR consumer data?
- Do we need to report on refusals to disclose CDR data, CDR rules and data standards relied on to refuse disclosure, number of times relied on each of those (items 11–13 on the reporting form)? If yes, what would be an example of such refusal? Is ‘Too many requests by unique identifier’ security policy that is setup through a gateway such as Apigee considered a refusal to disclose CDR data that needs to be reported on?
Answer
Data holders must report on CDR complaints from CDR consumers in accordance with rule 9.4(1)(b), which covers “CDR complaint data”. “CDR complaint data” includes a “CDR consumer complaint”. A “CDR consumer complaint” includes a complaint made by a CDR consumer to a data holder about the data holder’s compliance with Part IVD of the Act, the CDR Rules and the Data Standards. This may include complaints about product reference data.
In addition, data holders must report on the total number of complaints received from other CDR participants in relation to compliance with Part IVD of the Competition and Consumer Act 2010 (Cth), the CDR rules and the binding data standards insofar as those complaints relate to a data holder’s required product data and voluntary product data during the relevant reporting period (item 1 of the reporting form).
Data holders must report on the number of refusals to disclose CDR data and the CDR rules or data standards relied on to refuse to disclose that CDR data (item 11 of the reporting form). In addition to items 11.2 and 11.3, item 11.4 asks the data holder how many times other rules or standards were relied upon for a refusal of a product data request, and to state those rules and/or standards. Under rule 2.5, a data holder may refuse to disclose required product data in response to a request in circumstances (if any) set out in the data standards.
An example of such circumstances in relation to product data includes when the number of requests the data holder is receiving is above their service level thresholds as defined in the non-functional requirements section of the data standards.
Comments
0 comments
Please sign in to leave a comment.