Australia’s competition regulator has been handed "substantial scope" to devise the government’s impending consumer data right, which will give consumers unprecedented access to their banking, energy and telco data.
An exposure draft of the legislation, published today, reveals that “key elements” of the new consumer data right will be governed by “consumer data rules” to be decided by the Australian Competition and Consumer Commission and not enshrined in the legislation.
The consumer data right is intended to provide individuals with information that helps them compare offers, access cheaper products, and more easily switch to new services.
It will create a new framework that allows individuals to easily access “specified data” about themselves that is held by a business, as well as direct data holders to provide trusted and accredited third parties with secure access.
There will also be a requirement for “businesses to provide public access to information on specified products they have on offer”.
Data is expected to broadly cover "product information, transaction records or any other data specified in the designation"
The banking sector will be the first cab off the rank via the government broader open banking initiative, with Authorised Deposit-taking institutions (ADIs) expected to begin “transfer[ing] data collected or generated from 1 January 2017”.
The government has also committed to applying the consumer data right to the energy and telecommunication sectors, with the possible for other sectors of the economy to be designated in the future.
But which providers, the types of data the scheme will apply to, and how the data is made available is not stipulated in the the legislative apparatus itself.
Instead it will be covered by an “instrument of designation” - which will come into effect on 1 July 2019 - and consumer data rules to be determined by the ACCC.
“The ACCC will take the lead on issues concerning the designation of new sectors of the economy to be subject to the CDR and the establishment of the consumer data rules,” the draft legislation states.
The government said the powers were necessary to “tailor the consumer data rules to sectors and this design feature acknowledges that rules may differ between sectors”.
“While it might appear that the ACCC is provided with significant powers to create consumer data rules and the framework is merely that, it is important to consider the broader context,” it said.
“The CDR will be applied across very different sectors of the economy which are already subject to various regulatory regimes.”
“As a result, the Government considers it important to provide direction to the ACCC on the types of consumer data rules that can be made, balanced with the flexibility to make rules that are appropriate and adapted to any industry that might become designated into the future.”
The draft legislation does, however, set out the three central participants that will constitute the consumer data right scheme: data holders, accredited data recipients, and the consumer.
Data holders are defined as entities that have “collected, generated or hold data” captured by through an initial transaction with an individual.
Accredited data recipients, on the other hand, are entities that hold CDR data as a result of that data being disclosed to them at the direction of a CDR consumer.
This could occur if a consumer chooses to switch banks, for instance.
But the draft legislation also points out that “the system is flexible and may also provide via the consumer data rules, for interactions between consumers and non-accredited entities”.
“Data that has been derived from CDR data, such as financial reports compiled from transaction data, may also be transferred by a CDR consumer out of the CDR system,” the draft legislation states.
“ For example, to their accountant. However, the collection, storage, use and disclosure of that information will be regulated via the APPs, if applicable.”