CDR legislation ‘contentious’, ‘watered down’: law firm
On 16 August, the federal government released exposure draft legislation on the Consumer Data Right for public consultation, with submissions to close on 7 September.
The Consumer Data Right (CDR) is set to be rolled out in the banking sector first and will enable open banking.
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
According to a post on the Ashurst website by partner Tim Brookes and lawyer Daniela Lai, a “key point” of the draft legislation is that the “scope of data which is subject to the consumer data right includes data derived from consumer data, such as data to which organisations have added value or applied statistical analysis”.
Speaking to Fintech Business, Lawyers Weekly's sister publication, Mr Brookes said he expected the inclusion of “value-added data, that is, the result of data analytics,” to be “contentious” and has outlined aspects of the CDR draft legislation which he has described as “contentious” and “watered down”.
“Giving competitors access to this information could have unintended chilling effects on the use of analytics by businesses concerned at being required to divulge valuable insights into their customers,” he said.
Mr Brookes also pointed to the “watering down of the reciprocity regime” in the proposed legislation.
“The most recent enquiry into ‘open banking’ recommended that if a business sought to access the data of bank customers then it would have to provide access to the information it held about its own customers.
“It was considered this reciprocity could allow an individual to consent to their service provider, in this case a bank, to collect more data about them.”
The service provider would then be allowed to gain more insight into customer behaviour and provide more tailored products and services, he said.
“However, instead of adopting this regime, the new law will only allow banks to collect from data recipients the information which has been provided to those data recipients about a customer by other banks.”