The Consumer Data Right gives consumers the right to share data between service providers of their choosing.
The CDR was enacted by the Treasury Laws Amendment (Consumer Data Right) Act 2019 (Cth), which inserted a new Part IVD into the Competition and Consumer Act 2010 (Cth).
To support this right, service providers implement systems that follow a number of rules, standards, guidelines and conventions. These requirements are set out in the following primary source documents:
- Consumer Data Right Rules
- Consumer Data Standards
- Consumer Experience Guidelines
- Consumer Data Standards Conventions
The Competition and Consumer (Consumer Data Right) Rules (the CDR Rules) provide the framework for how the CDR operates. The CDR Rules define the elements for consent, outline the accreditation framework and elaborate on the privacy aspects of the scheme.
The Rules also set out a requirement for Data Standards. See CDR Rules, Part 8 - Rules relating to data standards.
The Rules mention development of CX Guidelines in CDR Riles, Part 4 - Consumer data requests made by accredited persons.
The CDR Rules are developed by the Australian Federal Treasury.
Consumer Data Standards
The CDS include technical standards about the format and process for transferring data.
Consumer Experience Standards
The CDS also include Consumer Experience (CX) standards, which include requirements for the creation of implementations by both Data Recipients and Data Holders.
CX standards are developed by the DSB.
The CX Guidelines provide examples and recommendations for how to implement key rules and standards that relate to the consumer experience. They can be accessed from the CX Guidelines page.
CX guidelines are developed by the DSB.
CDS conventions are a set of recommendations for ways to implement standards. Conventions are not binding. However a convention that becomes established in common use may at some point be elevated to a binding standard.
Purpose of this Guide
This guide provides assistance to service providers in using the Consumer Data Standards, and in implementing CDR systems. See Using the CDS Guide. Participants should read the Consumer Data Standards in conjunction with the CDS Guide.
Service providers must comply with the rules and standards. They may be guided by the guidelines and conventions. Implementing the standards, and following the rules and guidelines, does not guarantee compliance. See Compliance for more information.
The Consumer Data Right (CDR) has been introduced in banking and is in the process of being introduced in other industry sectors. Many of the examples in this guide are drawn from the banking sector.
Service providers in the CDR model are of two types:
- a Data Holder (DH) holds consumer data
- an Accredited Data Recipient (ADR) requests data from the DH on behalf of the consumer
This guide is for Data Holders (DHs) and Accredited Data Recipients (ADRs). ADRs require an understanding of the systems built by DHs, and DHs need to know how ADR systems work.
This guide brings together information from the various primary sources under a range of topics. It also includes additional guidance provided by Subject Matter Experts (SMEs) in response to participant questions.
CDS Guide Contents