The ACCC yesterday released the official Consumer Data Right (CDR) Rules, clarifying the ways to request CDR data and explaining how they will play out within the context of the banking sector.
Any person can request that an institution disclose data that relates to the products it offers. This can be information pertaining to the eligibility criteria, terms and conditions, price, availability or performance of a product, including residential home loans, property investment loans, mortgage offset accounts and personal loans.
In these cases, data relating to a specific consumer cannot be requested or obtained. The institution will use a specialised service to disclose the product data, in machine-readable form, to the person who made the request. When it sends the information through, the institution cannot impose conditions, restrictions or limitations of any kind on the use of the data.
Consumers can request CDR data that relates to them individually through a specialised online service provided by the institution. The data is then disclosed, in human‑readable form.
This could include data in relation to a transaction or product-specific data in relation to a product that consumer uses.
Consumers may request an accredited person approach an institution to obtain CDR data on their behalf. It must be done in accordance with relevant data standards, and will also be processed through a specialised service provided by the institution. The data is then disclosed, in machine‑readable form, to the accredited person. The accredited person may only collect and use CDR data in order to provide goods or services in accordance with a request from a consumer.
Initially, these rules will apply only in relation to certain products, listed above, and those that are offered by certain institutions within the banking sector, but they will be expanded to apply to a progressively broader range of institutions and products moving forward.