Introduction
The Consumer Data Right gives consumers the right to share data between service providers of their choosing.
The CDR was enacted by the Treasury Laws Amendment (Consumer Data Right) Act 2019 (Cth), which inserted a new Part IVD into the Competition and Consumer Act 2010 (Cth).
To support this right, service providers implement systems that follow a number of rules, standards, guidelines and conventions. These requirements are set out in the following primary source documents:
- Consumer Data Right Rules
- Consumer Data Standards
- Consumer Experience Guidelines
- Consumer Data Standards Conventions
Origins of the Consumer Data Right
The Murray, Harper, Coleman, and Finkel inquiries all recommended that Australia develop a right and standards for customers to access and transfer their information in a usable format. In addition, in May 2017, the Government received the Productivity Commission’s (PC) report on their Inquiry into Data Availability and Use. The report included a set of 41 recommendations, including for the creation of a new economy-wide Comprehensive Data Right.
In the 2017-18 Budget, the Treasurer announced that Open Banking will be introduced in Australia and commissioned an Open Banking Review to recommend the best approach to implement it.
On 20 July 2017, the Treasurer the Hon Scott Morrison MP commissioned the Review into Open Banking in Australia (the Review), chaired by Mr Scott Farrell, to recommend the most appropriate model for Open Banking in Australia. Since then, the Government has decided to legislate a Consumer Data Right to give Australians greater control over their data, empowering customers to choose to share their data with trusted recipients only for the purposes that they have authorised.
On 9 May 2018, the Government agreed to the recommendations of the Review, both for the framework of the overarching Consumer Data Right. The Right will be implemented initially in the banking (Open Banking), energy, and telecommunications sectors, and then rolled out economy-wide on a sector-by-sector basis.
The Treasury Laws Amendment (Consumer Data Right) Bill 2019 was passed on 1 Aug 2019 and amends the Competition and Consumer Act 2010, Australian Information Commissioner Act 2010 and Privacy Act 1988 to create the Consumer Data Right to provide individuals and businesses with a right to access specified data in relation to them held by businesses.
CDR Rules
The Competition and Consumer (Consumer Data Right) Rules (the CDR Rules) provide the framework for how the CDR operates. The CDR Rules define the elements for consent, outline the accreditation framework and elaborate on the privacy aspects of the scheme.
The Rules also set out a requirement for Data Standards. See CDR Rules, Part 8 - Rules relating to data standards.
The Rules mention development of CX Guidelines in CDR Riles, Part 4 - Consumer data requests made by accredited persons.
The CDR Rules are developed by the Australian Federal Treasury.
Consumer Data Standards
The Consumer Data Standards (CDS) are developed by the Data Standards Body (DSB). The CDS include technical standards about the format and process for transferring data.
The Consumer Data Right (CDR) gives consumers the ability to share information with a third party: an Accredited Data Recipient (ADR). Consumers may want to use personal budgeting tools, to compare prices and benefits between different services, to manage repayment of a loan or to develop smoother accounting services. The CDS ensure that the consumer data held by organisations (Data Holders) is delivered to the Accredited Data Recipient in a consistent format, independent of the internal tools or data representations used by these organisations.
Consumer Experience Standards
The CDS also include Consumer Experience (CX) standards, which include requirements for the creation of implementations by both Data Recipients and Data Holders.
CX standards are developed by the DSB.
CX Guidelines
The CX Guidelines provide examples and recommendations for how to implement key rules and standards that relate to the consumer experience. They can be accessed from the CX Guidelines page.
CX guidelines are developed by the DSB.
CDS Conventions
CDS conventions are a set of recommendations for ways to implement standards. Conventions are not binding. However a convention that becomes established in common use may at some point be elevated to a binding standard.
Purpose of this Guide
This guide provides assistance to service providers in using the Consumer Data Standards, and in implementing CDR systems. See Using the CDS Guide. Participants should read the Consumer Data Standards in conjunction with the CDS Guide.
Service providers must comply with the rules and standards. They may be guided by the guidelines and conventions. Implementing the standards, and following the rules and guidelines, does not guarantee compliance. See Compliance for more information.
The Consumer Data Right (CDR) has been introduced in banking and is in the process of being introduced in other industry sectors. Many of the examples in this guide are drawn from the banking sector.
Service providers in the CDR model are of two types:
- a Data Holder (DH) holds consumer data
- an Accredited Data Recipient (ADR) requests data from the DH on behalf of the consumer
This guide is for Data Holders (DHs) and Accredited Data Recipients (ADRs). ADRs require an understanding of the systems built by DHs, and DHs need to know how ADR systems work.
This guide brings together information from the various primary sources under a range of topics. It also includes additional guidance provided by Subject Matter Experts (SMEs) in response to participant questions.
CDS Guide Contents
Comments
0 comments
Please sign in to leave a comment.