ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes | 17th of February 2022 - ConsumerDataStandardsAustralia/standards GitHub Wiki
Agenda & Meeting Notes
When: Weekly every Thursday at 3pm-4.30pm AEDT Location: WebEx, quick dial +61-2-9338-2221,,1650705270##
Meeting Details:
Desktop or Mobile Devices
https://treasuryau.webex.com/treasuryau/j.php?MTID=m9614a7c6166155d3d950a8999e437f9f
Once connected to your meeting remember to start your audio and video
Please mute when you are not speaking.
Video Conferencing (VC) Rooms
Use the remote control or touch panel and dial the number indicated below:
External VC Room: [email protected]
Phones - AUDIO ONLY
- Primary Australia: +61-2-9338-2221
- Quick Dial: +61-2-9338-2221,,1650705270##
- Other Global Numbers: https://treasuryau.webex.com/cmp3300/webcomponents/widget/globalcallin/globalcallin.do?MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&MTID=m311f46c87a3ab9ae5335a6c0ea431da4&serviceType=MC&serviceType=MC&serviceType=MC&siteurl=treasuryau&siteurl=treasuryau&siteurl=treasuryau&apiname=globalcallin.php&apiname=globalcallin.php&apiname=globalcallin.php&rnd=6124483603&rnd=6124483603&rnd=6124483603&tollFree=0&tollFree=0&tollFree=0&ED=1403111402&ED=1403111402&ED=1403111402&needFilter=false&needFilter=false&needFilter=false&actappname=cmp3300&actappname=cmp3300&actname=/webcomponents/widget/globalcallin/gcnredirector.do&actname=/webcomponents/widget/globalcallin/gcnredirector.do&renewticket=0
- Meeting Number/Access Code: 165 070 5270
Agenda
- Introductions
- Actions
- CDR Stream updates
- Presentation
- Q&A
- Any other business
Introductions
- 5 min will be allowed for participants to join the call.
Recording
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may [email protected] should they have any further questions or wish to have any material redacted from the record.
Acknowledgement of Country
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
Updates
| Type | Topic | Update |
|---|---|---|
| Standards | Version 1.16.0 Published | Link to change log here |
| Maintenance | 10th Maintenance Iteration | Commenced on the 16th of February 2022 |
| Maintenance | DSB Maintenance Iteration 10: Agenda & Meeting Notes (16 February 2022 | Link to the agenda and minutes |
| TSY Newsletter | To subscribe to TSY Newsletter | Link here |
| DSB Newsletter | To subscribe to DSB Newsletter | Link here |
| TSY Newsletter | 16th of February 2022 | View in browser here |
| DSB Newsletter | 11th of February 2022 | View in browser here |
| Consultation | Normative Standards Review (2021) | No Close Date Link to consultation |
| Consultation | Decision Proposal 225 - Data Recipient Security Standards | Feedback closes 18th of February 2022 Link to consultation |
| Consultation | Decision Proposal 229 - CDR Participant Representation | Placeholder: no close date Link to consultation |
| Event | DSB: CDR Introduction - Telecommunications Sector 2022 | Free - Register here |
| Knowledge | [14] CDS 1.16.0 Release Walkthrough and Changes - with Jarryd Judd (15/02/2022) | Link to the video |
| Knowledge | [15] Introduction to the Standards Maintenance Iteration (17/02/2022) | Link to the video |
| Action | Presentation on Register changes for V2 | Planned for 24th of February 2022 (next week) |
| Action | Article on Token Expiry and mutability | Planned and in draft |
| Action | Question Raised: The CX Guidelines provide wireframes for opting out of data sharing for joint accounts but there doesn't appear to be a wireframe for opting back in? Does this exist? Is there specific wording advice that can be provided (similar to the wording examples given on opting out). | Ticket 1346 Raised in CDR Support Portal |
| Action | Questions left over form 10th of February 2022 discussion | Raised for priority in Question and Answer section below |
CDR Stream Updates
Provides a weekly update on the activities of each of the CDR streams and their stream of work
| Organisation | Stream | Member |
|---|---|---|
| ACCC | CDR Register | Hopeson Chiao |
| ACCC | CTS | Andrea Gibney |
| DSB | CX Standards | Michael Palmyre |
| DSB | Technical Standards - Energy | Hemang Rathod |
| DSB | Technical Standards - Banking | Mark Verstege |
| DSB | Technical Standards - Engineering | James Bligh |
Presentation
None.
Q&A
Questions will be received by the community via WebEx chat before the questions are opened to the floor. Participants can submit questions outside of the CDR Implementation Call to the CDR Support Portal.
We are using Sli.do for Question and Answer. Join our Q&A live here: https://www.sli.do/ Code: #169517
Answer provided
The following table will be updated after the meeting.
| Ticket # | Question | Answer |
|---|---|---|
| 1055 Part 1 | As a Data Holder, I'm looking through the list of phase 3 products and wanted to get some further information to help define the below products. 3 phase 3 product (j) a pensioner deeming account; (k) a retirement savings account; It looks like from our product portfolio, these may only exist as part of superannuation products, so would that be out of scope for CDR? | Products that are within the scope of the CDR in the banking sector are defined in section 4(2) of the Consumer Data Right (Authorised Deposit‑Taking Institutions) Designation 2019. Any phase 1, 2 or 3 products referred to in clause 1.4 of Schedule 3 that do not fit within this definition are not currently within the scope of the CDR in the banking sector. We encourage participants to seek their own advice as to whether a product fits within the definition of a product under section 4(2) of the Consumer Data Right (Authorised Deposit‑Taking Institutions) Designation 2019. If a product does fit within this definition, it will be in the scope for the CDR if it is generally known as being a product listed in clause 1.4 of Schedule 3 in the CDR Rules and is publicly offered. ‘Publicly offered’ means products that are generally advertised and available to customers as ‘standard form contracts’, including that they have terms and conditions that are subject to low levels of negotiation, if any. ‘Publicly offered’ does not necessarily mean the product can be acquired by any member of the public – the product may be subject to eligibility requirements and still be considered as ‘publicly offered’. Please refer to the updated Guidance for data holders — assessing whether a product is in scope for CDR for more information. |
| 1055 Part 2 | would you be able to provide an example of what the below phase 3 products would be: This is where I’m struggling as our internal team here are unsure what they could be. (j) a pensioner deeming account; (k) a retirement savings account; | Unfortunately, we are unable to provide advice about specific banking products. However, we understand there are products with these (or similar) titles available on the market. We encourage CDR participants to seek advice from their internal or external advisers to determine how the CDR Rules apply to specific scenarios. |
| 1212 | are trust customers with multiple ind trustees - operating standard savings or transaction accounts (not statutory trust accounts) included? | Trust accounts are a phase 3 product and related obligations commence in accordance with the commencement table at clause 6.6 of Schedule 3. This table shows that trust accounts for individuals are in scope for the CDR for non-major ADIs from 1 February 2022. However, clause 6.7 of Schedule 3 modifies these commencement dates to 1 November 2022 where the obligations on data holders relate to, for example, CDR consumers that are not individuals or partnerships. In determining which is the appropriate commencement date for their products, CDR participants should have regard to whether the CDR consumer, being the person who the data relates to because of the supply of a service to the person (for example, services relating to a trust account that are provided by the data holder) is an individual or not an individual, including a partnership. We encourage data holders to seek their own advice to make that determination in relation to the trust account products they offer, particularly noting that data holders may have a range of different structures for providing trust account products to their customers. |
| 1331 | The CDR Rules require data holders to enable consumer data sharing for eligible consumers. One of the eligibility requirements is that the consumer is an account holder or a secondary user for an account with the data holder that is open and accessible online (see Rule 1.10B and Schedule 3 Part 2 Section 2.1). Can you please clarify whether the open account that the consumer holds is intended to mean only accounts that are in-scope for data sharing (per Schedule 3 Part 1 Section 1.4). I.e. can you please confirm that the eligibility rules do not intend to make customers eligible for data sharing if they only have open online accounts offered by the ADI that are out-of-scope for data sharing. This is particularly relevant when considering closed in-scope accounts, because unless the eligibility rule is limited to in-scope products, it would mean that customers who otherwise have no nexus to the CDR (i.e., no open in-scope products) would be considered eligible for data sharing on their closed in-scope accounts if they had an open out-of-scope product that they can access online. | The purpose of limiting CDR eligibility to those who are over 18 and have at least one open and online account is to ensure that a data holder has some online credentials it can leverage to authenticate the customer. It is not necessary for the open online account to be in-scope for CDR data sharing (as per clause 1.4 of schedule 3). CDR consumers who have access to an open online account in relation to any product (including out-of-scope products) and satisfy the rest of the eligibility criteria will be eligible to share data in relation to their closed and offline accounts for products which are in-scope for the CDR. |
Questions from 10th of February 2022
| Ticket # | Question | Answer |
|---|---|---|
| 1347 | Can secondary users be classified as vulnerable? | |
| 1348 | If the JAHB removes the approval from the consent established by requestor JAHA, is it expected that JAHA/requestor cannot add JA to that consent again? | |
| 1349 | in the Register old website there was a section on back off patterns and responsibility of each party in case the others are down. Has that been ported to the CDR spec or we should use the old website for this? | |
| 1350 | Can an individual account be "opted out" of data sharing in the permission dashboard? | |
| 1351 | If a vulnerable flag is removed should historical arrangements be visible to all parties? | |
| 1352 | could we have an article written on all that's been discussed today on JAs and secondary users? That's a lot of valuable info that we might want to come back to for reference | |
| If secondary users do not have online access today, are we obligated to provide them online access after CDR. | ||
| What are the DH obligations to keep trying to notify the JAHs if it fails several times due to incorrect emails etc? Also don't see any specific reporting reqs? |
Useful Links
View a number of informative and useful links in the Consumer Data Standards Implementation Guide on Information Links.