The Consumer Data Right – coming to a bank near you…

The Consumer Data Right – coming to a bank near you…
July 9, 2019 Michelle Marren

1 July 2019 sees the four big Australian banks commence a pilot program for the Consumer Data Right (CDR) to test how they will comply with the federal government’s plan (announced on 26 November 2017) to enable consumer’s data to be made available to third parties (with the customer’s permission) in order to more easily be able to compare banking products.

This is Open Banking (still to be legislated) – to be followed by similar regimes for the telecommunications and energy sectors… and more to come.

The theory is that consumers own their data – not banks, telecommunications companies etc – albeit they may hold it.  And consumers should be able to use their data to compare products and services across a sector.

From July 1, consumers of the big four banks will be able to grant third parties access to ‘product data’ about their accounts, to be followed by testing to enable third parties access to transaction data on debit and credit cards, transaction accounts and mortgages, with such access to begin in earnest no later than February.

Smaller banks are getting a bit more time to comply but the rollout is set to be complete by July 1, 2021.

The data will be shared by way of APIs – all made possible by advances in technology.

While CDR has been delayed by at least six months, given the plethora of stakeholders and complex issues of data privacy and protection, it is well worth getting it right.

For example, CDR will also need to include derived data (as per the Privacy Act 1988) which, unlike raw data that which is collected or observed by the holder of the data, includes data that has been processed by the data holder.

And, of course, until consumers are sufficiently educated as to how to use CDR, the envisioned benefits will not be realised.

For an update on the current state of play, see: WHICH-50’s article ‘Cover Story: Banking’s Digital Revolution Is Here But No One Is Ready’; Norton Rose Fulbright’s article ‘It’s time to act! Consumer Data Right in the banking sector is looming’; and, Lexology’s article by Herbert Smith Freehills ‘Consumer data right: progress update and key outstanding challenges’.

GIVEN THE LAPSE OF TIME since its initial release, it may be worthwhile rereading the Australian Government’s Treasury publication Consumer Data Right Privacy Protections: From Consent to Permission.

 

 

You may also be interested in

Artificial Intelligence, Australia’s Ethics Framework

Accelerating Privacy Regulation – the Top Emerging Risk for Organisations

First Anniversary of GDPR Passes Quietly but Ominously