ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes | 17th of November 2022
When: Weekly every Thursday at 3pm-4:30pm AEDT
Location: Microsoft Teams
Meeting Details: Join on your computer, mobile app or room device Click here to join the meeting
Meeting ID: 446 019 435 001
Passcode: BU6uFg
Download Teams | Join on the web
Join with a video conferencing device
[email protected]
Video Conference ID: 133 133 341 4
Alternate VTC instructions
Or call in (audio only)
+61 2 9161 1229,,715805177# Australia, Sydney
Phone Conference ID: 715 805 177#
Find a local number | Reset PIN
Learn More | Meeting options
- Introductions
- Actions
- CDR Stream updates
- Presentation
- Q&A
- Any other business
- 5 min will be allowed for participants to join the call.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may [email protected] should they have any further questions or wish to have any material redacted from the record.
By participating in the Consumer Data Right Implementation Call you agree to the Community Guidelines. These guidelines intend to provide a safe and constructive space for members to discuss implementation topics with other participants and members of the ACCC and Data Standards Body.
| Type | Topic | Update |
|---|---|---|
| Standards | Version 1.20.0 Published on 3rd of November 2022 | Link to change log here |
| Maintenance | Maintenance Iteration 13 underway | Met 26th of October 2022 and the agenda for the meet is here) |
| Maintenance | Decision Proposal 272 - Maintenance Iteration 13 | Changes, meeting notes and updates for the iteration can be found here |
| TSY Newsletter | To subscribe to TSY Newsletter | Link here |
| DSB Newsletter | To subscribe to DSB Newsletter | Link here |
| TSY Newsletter | 3rd of November 2022 | View in browser here |
| DSB Newsletter | 11th of November 2022 | View in browser here |
| Consultation | Normative Standards Review (2021) | No Close Date Link to consultation |
| Consultation | Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Noting Paper | Noting Paper 255 - Approach to Telco Sector Standards | Link to consultation |
| Noting Paper | Noting Paper 258 - Independent Information Security Review | Link to consultation |
| Consultation | Decision Proposal 267- CX Standards Telco Data Language Feedback closed: 15th of September 2022 Thanks to those who provided feedback on DP267 by 15th September. With the v5 rules out for consultation, the DSB will leave this issue open for comments while considering existing feedback and developing version 2 of DP267, which is expected to be published for consultation in October. |
Link to consultation |
| Consultation | Noting Paper 273 - Consent Review |
Feedback closes: 9th of December Link to consultation |
| Consultation | Decision Proposal 275 - Holistic Feedback on Telco Standards | No Close Date Link to consultation |
| Consultation | Noting Paper 276 - Proposed v5 Rules & Standards Impacts | No Close Date Link to consultation |
| Survey | The Data Standards Body invite the CDR Community to provide feedback on the different Engineering Tools and platforms. | Link to survey |
| Workshop | Save the date, for a workshop! Treasury and the DSB are considering opportunities to simplify the rules and standards to support a better CDR consumer experience while maintaining key consumer protections. To support this work, a virtual workshop will be held on Tuesday 22nd November, and an accompanying noting paper will be available on GitHub (see Noting Paper 273). This workshop will be of interest to current and prospective data recipients, data holders, consumer advocates, industry representatives, and other parties interested in the evolution of the consent model. Participants will be given the opportunity to comment on possible consent model changes in an interactive session. This workshop will be conducted virtually using Miro to support remote participation. We encourage stakeholders to save the date and ensure they can access the Miro platform on the day. |
Register here for the workshop. |
| Publication | The CDR agencies have published a CDR information map to provide greater clarity on where to go to find guidance about the CDR. The map is a topic-based listing of CDR guidance published by Treasury, the ACCC, the OAIC and the Data Standards Body. It also provides advice on where to go to ask questions. The CDR information map is available on the CDR website. Click on ‘For providers’ and then ‘CDR information map’. | CDR information map |
Provides a weekly update on the activities of each of the CDR streams and their stream of work
| Organisation | Stream | Member |
|---|---|---|
| ACCC | CDR Register | Emma Harvey |
| ACCC | CTS | Andrea Gibney |
| DSB | CX Standards | Michael Palmyre |
| DSB | Technical Standards - Banking & InfoSec | Mark Verstege |
| DSB | Technical Standards - Energy | Hemang Rathod |
| DSB | Technical Standards - Telecommunications | Brian Kirkpatrick |
| DSB | Technical Standards - Register | James Bligh |
| DSB | Engineering | Sumaya Hasan |
No planned presentation this week.
Questions will be received by the community via WebEx chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
In regards to topics for questions, we ask the participants on the call to consider the Community Guidelines when posing questions to the subject matter experts.
| Ticket # | Question | Answer |
|---|---|---|
| 1765 | Ref: https://cdr-support.zendesk.com/hc/en-us/articles/5465006047375-Ceasing-Secondary-User-Sharing The article (and the rules) indicate that it is necessary to withdraw a SUI for a "particular accredited person". As we understand it the term "accredited person" applies equally to ADRs carrying unrestricted OR sponsored accreditation and the word "particular" means a single entity. Currently, as originally highlighted in Maintenance Item 427 (https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues/427) a Data Holder only has visibility of the unrestricted ADR (ie. sponsoring) and not the sponsored ADR itself as software products are currently placed "under" the unrestricted ADR entity identifier. On this basis, it appears to be technically impossible to provide a mechanism to allow for the withdrawal of a SUI for a specific Sponsored ADR? Therefore, are we correct to assume that a correct implementation is to only present Unrestricted ADRs in the withdrawal dialogue, as these would be what is visible on the arrangement, and therefore any SUI withdrawal would actually have the effect of applying to the Unrestricted and ANY Sponsored entities for which they are responsible? |
We agree that the reference to ‘accredited person’ in rule 4.6A(a)(ii) should apply to the accredited person with sponsored accreditation (i.e. the affiliate) rather than the unrestricted ADR; however we appreciate that currently there are technical impediments preventing this. The ACCC, DSB and Treasury are continuing to consider the issues raised by rules 1.15(5)(b)(i) and 4.6A(a)(ii) and Treasury is considering possible rules changes. As you are aware, we are encouraging data holders and ADRs to email the Treasury at [email protected] with their concerns, risks and issue they believe will be created due to rule 1.15(5)(b)(i) and 4.6A(a)(ii), which could include this issue. We will continue to consider this issue and that we will review potential solutions based on the outcome of Treasury’s review of possible rules changes. |
| 1771 | Based on https://cdr-support.zendesk.com/hc/en-us/articles/5465006047375-Ceasing-Secondary-User-Sharing, are we allowed to display the secondary user given name or any other info so that the AH can perform this disable action for a particulare sec user as per rule? | We consider that data holders can display details of the secondary user (such as their given name) to allow the account holder to identify the secondary user when making that choice to stop sharing between a particular ADR and particular secondary user. Data holders who are APP entities may need to consider the application of the Australian Privacy Principles and in particular, APP 6 when displaying this information. While it is unlikely APP 6 would prevent an APP entity from displaying the secondary user’s name to the account holder to enable them to perform the this function, it does outline when an APP entity may use or disclose personal information. The OAIC has provided guidance in relation to the Australian Privacy Principles including who an APP entity is and the application of APP 6. |
View a number of informative and useful links in the Consumer Data Standards Guide on Information Links.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
 |
 |