ACCC finally finalises Consumer Data Right rules

ACCC finally finalises Consumer Data Right rules 1

The Australian Competition and Consumer Commission (ACCC) has finalised the rules governing the Consumer Data Right (CDR).

The CDR has been touted as allowing individuals to “own” their data by granting them open access to their banking, energy, phone, and internet transactions, as well as the right to control who can have it and who can use it.

The first tranche to which the CDR and its associated rules will affect is banking, with telecommunications and energy soon to follow.

In addition to legally requiring the four major banks to share product reference data with accredited data recipients, the rules also give legislative force to consumer data sharing obligations in banking — set to become mandatory from 1 July 2020, following delays.

Coinbase 3

Product reference data includes information such as interest rates, fees and charges, and eligibility criteria for banking products like credit cards and mortgages. Banks have voluntarily made this information available via APIs since July 2019.

Consumer data relating to credit and debit cards, deposit accounts, and transaction accounts must now be made available from the start of this coming financial year; while consumer data relating to mortgage and personal loan data must be able to be shared from November 1.

A draft set of rules were published in March. The now-finalised rules still specify three different ways CDR data can be requested, with the requirements tweaked minutely: Product data requests, consumer data requests made by CDR consumers, and consumer data requests made on behalf of CDR consumers.

A product data request will allow any individual to request CDR data relating to products offered by data holders be disclosed. A specialised service provided by the data holder needs to exist, however, for this exchange to occur.

The request would have to be made in accordance with relevant data standards to be accepted, and the data would be disclosed in a machine-readable form to the person making the request.

“The data holder cannot impose conditions, restrictions or limitations of any kind on the use of the disclosed data,” the rules clarify.

A CDR consumer may also directly request a data holder to disclose CDR data that relates to them — this is known as a consumer data request.

A consumer data request that is made directly to a data holder is to again be made using a specialised online service provided by the data holder. This time, however, the data is to be disclosed in human-readable form to the CDR consumer who made the request.

A CDR consumer may request another person to request a data holder to disclose CDR data that relates to them. If the request by the third-party is made in line with relevant data standards, when using the specialised service, that person will have the data disclosed in a machine-readable form.

Under the data minimisation principle however, the accredited person may only collect and use CDR data in order to provide goods or services in accordance with a request from the CDR consumer

As promised, the rules include the right for a person to have their data deleted.

“The accredited data recipient must: (a) determine the technique that is appropriate in the circumstances to de‑identify the relevant data to the required extent; and (b) apply that technique to de‑identify the relevant data to the required extent; and (c) delete, in accordance with the CDR data deletion process, any CDR data that must be deleted in order to ensure that no person is any longer identifiable, or reasonably identifiable,” the rules stipulate.

When the draft rules were published, they weren’t received with enthusiasm.

The Australian Privacy Foundation in March said the CDR privacy safeguards were not sufficient, and that the government has “severely” underestimated the need for more thought across the entire legislative change.

“The privacy safeguards are an additional protection given to CDR data under Part IV of the Act,” the ACCC said in its final rules.

“The privacy safeguards apply only to CDR data for which there are one or more CDR consumers (such as required consumer data and voluntary consumer data); they do not apply to CDR data for which there are no CDR consumers (such as required product data and voluntary product data).”

There are 13 “privacy safeguards” that the ACCC has deemed as sufficient for protecting consumers.

Despite hearing concerns over the adequacy of the privacy safeguards within the CDR, the rushed nature of the Treasury Laws Amendment (Consumer Data Right) Bill 2019 [Provisions], the distinct banking focus the Bill will have, and whether the outcome of the CDR will serve organisations more than it will consumers, the Senate Economics Legislation Committee on 21 March recommended that it be passed.

“At the very least, it will improve on current arrangements; and it has the potential to protect and empower consumers and drive competition and innovation,” the committee wrote at the time. “The committee particularly welcomes the endorsement of the Bill from innovative high technology companies.”

The Bill was passed on August 1 and the rules will come into effect tomorrow — 5 February 2020.


ACCC finally finalises Consumer Data Right rules 2
About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts


E-Crypto News Executive Interviews


Bitcoin (BTC) $ 41,603.00
Ethereum (ETH) $ 2,463.23
Tether (USDT) $ 0.998285
Binance Coin (BNB) $ 333.12
Cardano (ADA) $ 1.31
XRP (XRP) $ 0.752829
Dogecoin (DOGE) $ 0.210436
USD Coin (USDC) $ 0.999681
Polkadot (DOT) $ 16.41
Binance USD (BUSD) $ 0.999884
bitcoinBitcoin (BTC)
$ 41,603.00
ethereumEthereum (ETH)
$ 2,463.23
tetherTether (USDT)
$ 0.998285
bitcoin-cashBitcoin Cash (BCH)
$ 544.95
litecoinLitecoin (LTC)
$ 143.76
bitcoinBitcoin (BTC)
ethereumEthereum (ETH)
tetherTether (USDT)
bitcoin-cashBitcoin Cash (BCH)
litecoinLitecoin (LTC)
bitcoinBitcoin (BTC)
ethereumEthereum (ETH)
tetherTether (USDT)
bitcoin-cashBitcoin Cash (BCH)
litecoinLitecoin (LTC)

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Hacks and Scam
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021
Crypto Scams On The Rise As Market Enters Bull Cycle
Crypto Scams On The Rise As Market Enters Bull Cycle
December 22, 2020
Harpreet Singh Sahni perpetrated the Plus Gold Union Coin (PGUC) scam
Sydney Concert Promoter Harpreet Sahni Involved In $50M Crypto PGUC Scam
November 2, 2020

Blockchain/Cryptocurrency Questions and Answers

Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
What Is Solana (SOL) And How Does It Work?
June 26, 2021
What Is Plethori Platform And How Does It Work?
June 12, 2021

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin41,575 0.44 % 7.29 % 24.27 %
Ethereum2,456.9 0.35 % 4.99 % 16.05 %
Tether1.000 0.21 % 0.05 % 0.20 %
Binance Coin332.16 0.23 % 7.32 % 11.60 %
Cardano1.310 0.78 % 3.82 % 8.75 %
XRP0.7517 0.17 % 4.07 % 23.34 %
Dogecoin0.2095 0.70 % 4.34 % 8.18 %
USD Coin0.9992 0.13 % 0.05 % 0.16 %
Polkadot16.31 0.80 % 11.31 % 22.15 %
Binance USD0.9984 0.18 % 0.05 % 0.56 %

Bitcoin (BTC) $ 41,363.00
Ethereum (ETH) $ 2,456.12
Tether (USDT) $ 1.00
Binance Coin (BNB) $ 331.94
Cardano (ADA) $ 1.30
XRP (XRP) $ 0.745529
Dogecoin (DOGE) $ 0.211547
USD Coin (USDC) $ 0.999437
Polkadot (DOT) $ 16.44
Binance USD (BUSD) $ 1.00