The federal government is hoping to reform the Australian data system, in May announcing it would be investing AU$65 million on initiatives such as the country's new Consumer Data Right (CDR), which will allow individuals to "own" their data by granting them open access to their banking, energy, phone, and internet transactions, as well as the right to control who can have it and who can use it.
The Australian Competition and Consumer Commission (ACCC) has been charged with oversight, specifically responsible for rule-making, consumer education, and eventually the enforcement of the CDR.
The ACCC is now seeking feedback from consumers, businesses, and community organisations on the approach it should take regarding setting up the CDR rules.
"It is important to the success of the Consumer Data Right regime that consumers, businesses, and stakeholders have transparency over the ACCC's approach in setting up these detailed rules," ACCC Commissioner Sarah Court said.
"The overarching principle the ACCC will take is to implement the Consumer Data Right in a way that provides benefits to consumers, without compromising data security,"
The first sector of the Australian economy to which the CDR is to be applied is the financial services sector, through an Open Banking regime.
As a result, the ACCC said it will be shaping the CDR rules around the financial services sector and its new legislative requirements.
The consumer watchdog expects the other industries to fall under the CDR will be governed by the same rules determined for banking, but they will be tweaked where required.
"The ACCC will work toward developing frameworks tailored to specific industries as they are designated and added to the Consumer Data Right regime," Court continued.
It is expected energy and telecommunications will be the next sectors included.
"We live in a world in which the importance and value of data has increased significantly for businesses, allowing them to target their consumers in ways that were previously unheard of, and the volume of data that is routinely harvested has become almost incomprehensible," ACCC chairman Rod Sims said previously.
"The genie is out of the bottle, now we have to decide what to do with it."
Discussing the CDR at the Consumer Policy Research Centre's Consumer Data Conference in July, Sims said it is not intended to be the one-stop shop for regulation and control of consumer data, rather something giving consumers the right to safely access data held by businesses about them, and to direct how -- if at all -- such information is transferred.
"The CDR is also not an obligation to share data with third parties," he clarified. "Taking banking as an example, customers may still go on banking the same way without ever participating in Open Banking if they do not wish to.
"The way data is used within society is changing rapidly. Business is obtaining a benefit from this data but often consumers are not. Indeed, innovations that arguably benefit consumers such as targeted news or advertising are controlled almost exclusively by business interests rather than consumer decisions or choice.
"In this context, attempts to redress the balance and give more control to consumers, and to spur competition, are to be strongly welcomed."
PREVIOUS AND RELATED COVERAGE
ACCC chairman believes the new Consumer Data Right will enable consumers to benefit from the data businesses already hold.
The Australian government has outlined its approach to a new Data Sharing and Release Bill, which aims to balance sharing data held by government with risk management.
A review has requested that Australia's largest banks be ready to hand over customer data at request from the day an Open Banking regime becomes legislated.
The Australian Privacy Foundation wants the government to develop security controls around sharing open data and provide the agency charged with investigating data misuse with 'adequate' resources.
Australia is charging headlong into a privacy disaster as government open data initiatives come online without considering how to properly implement privacy safeguards and data anonymity.