ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes | 27 February 2025
When: Weekly every Thursday at 3pm-4:30pm AEST
Location: Microsoft Teams
Meeting Details: Join on your computer, mobile app or room device Click here to join the meeting
Meeting ID: 446 019 435 001
Passcode: BU6uFg
Download Teams | Join on the web
Join with a video conferencing device
[email protected]
Video Conference ID: 133 133 341 4
Alternate VTC instructions
Or call in (audio only)
+61 2 9161 1229,,715805177# Australia, Sydney
Phone Conference ID: 715 805 177#
Find a local number | Reset PIN
Learn More | Meeting options
- 5 min will be allowed for participants to join the call.
- This call is jointly facilitated by the ACCC and the DSB, and we welcome observers from APRA, OAIC and the Treasury.
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may [email protected] should they have any further questions or wish to have any material redacted from the record.
By participating in the Consumer Data Right Implementation Call you agree to the Community Guidelines. These guidelines intend to provide a safe and constructive space for members to discuss implementation topics with other participants and members of the ACCC and Data Standards Body.
⭐ indicates change from last week.
| Type | Updated | Links |
|---|---|---|
| Standards | Version 1.33.0 | Published: 18th of December 2024 Change log |
| Maintenance | Iteration 22 runs fortnightly through to April Decision Proposal 364 - Maintenance Iteration 22 |
Link to consultation |
| DSB Newsletter ⭐ | 21 February 2025 | View in browser here |
| Consultation | Noting Paper 363 - Applicability of Authentication Frameworks | Link to consultation |
| Guidance ⭐ | Updated Data Holder CX artefacts and requirements to reflect Competition and Consumer (Consumer Data Right) Amendment (2024 Measures No. 1) Rules 2024. This includes visual, UI and experiential updates, as well as new and updated rules, standards and guidelines references. | - Authorise: Authorisation to disclose joint account data Guideline & change log - Consent Management (Data holder): Authorisations Guideline & change log - Consent Management (Data holder): Withdrawal Guideline & change log - Consent Management (Data holder): Account permissions - Secondary Users Guideline & change log |
| Guidance | Recently revised guidance to reflect the v7 rules | - Compliance guide for data holders – energy - Compliance guide for data holders – banking - Joint account implementation guidance - Secondary users in the banking sector fact sheet - Secondary users in the energy sector fact sheet - Quick reference guide to finding documents in the CDR legislative framework - Introducing a new software product - Ceasing secondary user sharing - Managing implementation, product and plan changes – data holder obligations |
| Tooling ⭐ | Test Data Generator: Updated to align with the latest CDS v1.33.0. | npm package |
| Tooling ⭐ | JS Holder SDK: Updated to align with the latest CDS v1.33.0. | npm package |
| Tooling | Recently updated tools to align with the latest version of CDS (1.33.0) | - Postman Collection - JSON schema tools - Type Definition Library |
Provides a weekly update on the activities of each CDR stream and their work.
| Org | Stream | Member |
|---|---|---|
| ACCC | - Register Application and Accreditation Platform - Participant Tooling - CDR Onboarding |
Christian |
None this week.
Questions will be received by the community via Microsoft Teams chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
In regards to topics for questions, we ask the participants on the call to consider the Community Guidelines when posing questions to the subject matter experts.
| Ticket # | Question | Answer |
|---|---|---|
| 2395 |
User Experience when creating a new authorisation In instances where the user is finalizing the authorization process and selects the confirm button, the data holder is responsible for transmitting the response to the ADR through the redirect URL. Should an unexpected complication arise causing the application to freeze during this redirection, the new consent record is retained by the data holder but remains inaccessible to the ADR. What is the optimal user experience for such scenarios? "New consent" is referring to the process of saving the arrangement in the data holder's system following the user's confirmation action in the new authorization setup. |
The below focuses on UX guidance to help address the scenario. We will share more details on when ADRs and DHs are expected to provide consumer dashboards following further discussion with CDR agencies. DH dashboard If the DH detects an issue with the authorisation, such as where the DH knows or suspects the ADR cannot collect data, the DH may notify the consumer of the suspected error and direct them to contact the ADR for more information. This is not a requirement but a best practice recommendation. Alternatively, a DH may choose to display a default message on the consumer dashboard indicating that no data has been shared yet. This is also optional, and would be superseded by the rule 7.9(1) requirement once data has been disclosed. Once data has been disclosed, the authorisation must include the information required by rule 7.9(1) relating to Privacy Safeguard 10 (for a visual example see 5CM1.00.07 in CX Guidelines for data holder dashboards, authorisations: default example). ADR dashboard ADRs could adopt a similar approach for this scenario where a consent is active but data has not or cannot be accessed, which would be superseded by the respective ADR rule 7.4 requirement when/if access commences. If an ADR detects a data access issue, they may wish to notify the consumer of the suspected error, request a new consent, and may provide details with which to advise the consumer to withdraw the faulty authorisation via the DH dashboard. |
Attendees are invited to raise topics related to the Consumer Data Right that would benefit from the DSB and ACCCs' consideration.
View a number of informative and useful links in the Consumer Data Standards Guide on Information Links.
| Data Standards Body | Consumer Data Right | Digital ID | Contact & Media |
| Chair | Standards | Accreditation Standards | Website |
| News | Maintenance Iteration | AGDIS Standards | |
| Advisory Committee | CX Guidelines | Calendar | |
| Support Portal | |||
| YouTube | |||
| GitHub | |||
| Newsletter |