-
Notifications
You must be signed in to change notification settings - Fork 56
ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes (20th of August 2020)
CDR API Stream edited this page Aug 20, 2020
·
5 revisions
When: Weekly every Thursday at 3pm-4.30pm AEST
Location: WebEx, quick dial +61262464433,785383900%23%23
Meeting Details:
Desktop or Mobile Devices
https://csiro.webex.com/csiro/j.php?MTID=m7c39ee9db5e5892ab35cd0bd7bbf94ce
Once connected to your meeting remember to start your audio and video
Please mute when you are not speaking.
Video Conferencing (VC) Rooms
Use the remote control or touch panel and dial the number indicated below:
External VC Room: [email protected]
Phones - AUDIO ONLY
- Primary Australia: +61 2 6246 4433
- Quick Dial: +61262464433,785383900%23%23
- Other Global Numbers: https://conferencing.csiro.au/Call-in.php
- Meeting Number/Access Code: 785 383 900
- Introductions
- Outstanding actions
- CDR Stream updates
- Q&A
- Any other business
Meeting notes
- 5 min will be allowed for participants to join the call.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
| Type | Topic | Update |
|---|---|---|
| Maintenance | Banking Maintenance Iteration 04 |
Key Phase Dates Phase 1: Retrospective and Backlog Grooming - 9th July 2020 commencement. 2 weeks duration Phase 2: Consultation - 22nd July 2020 commencement. 4 weeks duration Phase 3: Approvals and Documentation - 19th August 2020 commencement. 2 week duration Please contact [email protected] for an invite to the series |
| Maintenance | Banking Maintenance Iteration 04 |
Link to Summary Link to Board of changes |
| Standards | Version 1.4.0 Approved! | Approved list of changes is located here |
| Decision Proposal - Energy | Decision Proposal 111 - Generic Tariff Data Payload | Decision Proposal 111 |
| Event - Workshop | DSB & ACCC - Data Quality Workshop 01 | Link to register is here |
| Guidance | Joint Account Guidance | Find on the CDR-Support Portal here |
Provides a weekly update on the activities of each of the CDR streams and their workplaces
- ACCC Rules
- ACCC CDR Register (Technical)
- DSB CX Standards
- DSB Technical Standards - Energy & Banking
No presentation this week
Questions will be received by the community via WebEx chat before the questions are opened to the floor. Participants can pre-submit questions to the DSB mailing box.
Currently received pre-submitted questions:
| Ticket # | Question | Answer |
|---|---|---|
| - | In the CX guidelines, there are requirements for the consent model to be WCAG complaint. For Data Holders, does this apply to only the pre-login Data consent portal (i.e. authenticating customers & capturing authorisation)? Or does the consent model also extends to the Data consent dashboard? | - |
| - | For QnA - is it required to send the x-fapi-interaction-id in the response in the case of an error response, a) if it is present in the request, b) if it is not present in the request | |
| - | On behalf of one of our member ADIs, do you know if certain products can be exempted from PRD oligations if they are going to be remoed from the suite of products offered by the ADI in due course? | Taken on notice |
| - | CDR allows a customer to request for data sharing arrangement information. Page 90 of the rules section 9.5 says "3) A request under this rule must be in the form (if any) approved by the commission for the purpose of this subrule" Q. Is this a physical form? If so, are ACCC going to provide an approved template or would you like each organisation to draft a form for approval? If the later, are there guidelines for how this process will work? | |
| 68 | #296 CX Stream: Use of ADR name and logo in CX: Where the CX designs refer to an ADR name and logo should this be ADR name/logo or where provided - Brand or Software product? The CX should be consistent from consent through to authorisation establishment and management #297 Rules Account Owners added after authorisation. For accounts (typically businesses) an account owner can be added after an account has been opened. If a data sharing consent has been established when only one owner was on the account and subsequently an additional owner was added does the data holder need to stop sharing the data on that account (Phase 1 only single account holder) or pause sharing until the second holder has provided authorisation (Phase 2) If a third owner is added should disclosure of that account then be stopped and the account become ineligible to share. Additionally – Im sure this has been raised before but I could find the status?? The privacy safeguards require Dataholders to provide customers the ability to have their data resent / qualified following a data correction. Is there a mechanism being developed in the standards to support this requirement? |
- |
| 67 | Do we have and updated timeline on results of the consultation on Intermediaries and next steps to reach final rules and standards or when further consultations may be carried out | - |
| 66 | Question relates to Part 7 – Rules relating to privacy safeguards, section 7.2.1. According to this rule, we need to include details of the complaints process on the CDR policy. We are already required by RG165 to provide details of our complaints process online. Just wanted to find out whether the following details need to be spelled out on the CDR policy OR whether we can refer customers to our generic complaints process that include the details below?
Note: This subrule is a civil penalty provision (see rule 9.8). |
- |
| 65 | Are there any Data Sovereignty requirements for a CDR solution developed by a FinTech on behalf of a Data Holder to be hosted in Australian Data Centres (either Cloud Provider or Hosted Solution)? There doesn't appear to be any mention of this in the available CDR specifications. | - |
| 61 | In respect of reporting requirements to the ACCC, the guidance for PRD-only reporting (https://www.cdr.gov.au/sites/default/files/2020-06/CDR%20-%20Reporting%20forms%20on%20product%20data-related%20obligations%20-%20Guidance%20for%20data%20holders.pdf) currently notes that the "Total number of complaints made to you by other CDR participants" uses the definition of a CDR Participant from the Act which specifically calls out Data Holders and Accredited Data Recipients. In view of the fact that the likely majority of users of the PRD APIs will be neither Data Holders nor ADRs, can you please confirm that reporting of complaints from these entities (e.g comparison web sites) is NOT required? This seems odd and I question whether this is the intent of the reporting requirement and whether a drafting amendment is needed? | - |
| - | Per the rule below, I please confirm: 1) whether we need to create a form for customers to request for data sharing arrangement information? 2) If the form needs to be approved by the Commission – what process do we use to get this approved? Rules: Page 90 Section 9.5 "3) A request under this rule must be in the form (if any) approved by the Commission for the purpose of this subrule" Is this a physical form? Do we need to create this OR will the Commission provide us one? |
- |
- TBA
| # | Question | Answer/ Action |
|---|---|---|
| # | ||
| # | ||
| # | ||
| # | ||
| # | ||
| # | ||
| # |
Other business
- TBA
- TBA
- TBA