Alex Horder -金博宝188手机app最新下载 技术的法律边缘 //www.zs-weijie.com 全球技术部门博客 星期一,18月2021年13:11:42 +0000 en - us 每小时 1 https://wordpress.org/?v=5.8.2&lxb_maple_bar_source=lxb_maple_bar_source. https://technologyslegaledergefullservice.dlapiperblogs.com/wp-content/uploads/sites/19/2019/02/cropped-favicon_512x512-32x32.gif. Alex Horder -金博宝188手机app最新下载 技术的法律边缘 //www.zs-weijie.com 32. 32. CDR v3:澳大利亚财政部将扩大消费者数据权制度的使用范围 //www.zs-weijie.com/2021/10/cdr-v3-austrian-treasury-moves-to-expand-access-to-the-consumer-data-right-regime/ Anthony Lloyd,Alex Horder和Edmond Lau 星期一,18月2021年13:11:42 +0000 数据隐私 CDR. 消费者数据对 //www.zs-weijie.com/?p=6358

背景在9月30日,竞争和消费者(消费者数据右)规则2020(CTH)被修改[1],目的是降低到消费者数据正确制度(CDR)参与的障碍,如澳大利亚的预示Treasury’s prior proposal in April and related exposure draft legislation released in July. By increasing ease of access, the amendments aim to... Continue Reading…

背景

在9月30日,竞争和消费者(消费者数据右)规则2020 (cth)被修改 [ 1] with the aim of lowering barriers of entry to Consumer Data Right regime (CDR) participation, as foreshadowed by the Australian Treasury’s prior proposal in April and related exposure draft legislation released in July.

By increasing ease of access, the amendments aim to increase the adoption of the CDR among a wider range of organisations, and in doing so, enable consumers to make greater use of their data rights. The amendments are the latest in a series of steps taken by the Treasury to expand the reach of the CDR, aimed at implementing the CDR on an economy-wide basis.

Broadly, the amendments seek to:

  • implement new pathways for organisations to access the CDR, including through facilitating “Sponsored Accreditation” and enabling the appointment of “CDR Representatives”;
  • establish new models for the sharing of CDR data outside the CDR ecosystem, including to “trusted advisers” and in the form of “CDR Insights”; and
  • implement a single consent mechanism for joint accounts, in respect of the sharing of account-related CDR data.

Sponsored Accreditation and CDR Representatives

Sponsored Accreditation

The Sponsored Accreditation process allows an organisation to become accredited under the CDR by contracting with an existing accredited person, who may act as the sponsor of that organisation for the purposes of accreditation. The criteria for ‘Sponsored Accreditation’ and the obligations that come with it, are the same as for other accredited persons. However, the sponsored organisation will not be required to go through the accreditation process that was required originally (for example, in respect of the implementation of the CDR in the banking sector, in which participants were required to provide an information security assurance report, once accredited). Importantly, however, sponsored organisations cannot directly collect information from data holders, but must request that their sponsor collect the relevant data for them.

This materially lowers the barrier to entry for sponsored organisations, who can now seek to leverage the CDR without having to undergo the traditional accreditation process, which, during the Open Banking implementation of CDR, was criticised as being laborious and costly. This form of accreditation may be useful in situations where an accredited organisation is looking to partner with smaller affiliates, to provide services requiring access to CDR data. For example, a FinTech start-up may choose to contract with (and be sponsored by) a large ADI (or vice versa) for this purpose.

CDR Representatives

The amendments propose to implement a quasi-accreditation “CDR Representative” process, intended to commence by 19 October, which would allow organisations that offer CDR-related services to consumers, to become a CDR Representative (Representative) of an accredited participant (Principal), thereby enabling those Representatives to access and use the CDR data of the Principal without needing proper accreditation.

The amendments also prescribe terms for any contractual arrangements between Representatives and Principals, particularly in respect of the use and disclosure of CDR data by Representatives. The amendments also provide that a Principal would retain responsibility and liability for the acts and omissions of Representatives in connection with such arrangements.

Accredited persons will now be able to rely on outsourced service providers to collect CDR data on their behalf, reducing business costs associated with data collection. As with the arrangements between Representatives and Principals , responsibility and liability for the collection of the CDR remains with the relevant accredited person, and does not pass to the outsourced service provider.

Trusted Advisers and CDR Insights

The amendments establish new CDR data sharing models, intended to provide consumers with greater choice as to who their CDR data can be shared with by accredited organisations, outside the CDR ecosystem – that is, outside the existing network of accredited persons, sponsored entities and Representatives.

Trusted Advisers

Consumers may nominate a professional (such as a consumer’s accountant, or legal or financial adviser) to be a “trusted adviser”who may access CDR data on behalf of that consumer. While a professional may not be an accredited person for the purposes of the CDR, the Amendments recognise that professionals are appropriately regulated to receive CDR data, particularly due to the consumer protection mechanisms that form part of their respective regulatory frameworks. It is expected that consumers will be able to share their CDR data with trusted advisers by 1 February 2022.

CDR Insights

Consumers may also consent to the sharing of their CDR data by accredited organisations, in certain, prescribed situations, intended to make it easier for consumers to receive goods and services. This shared CDR data is known as a “CDR insight”; . CDR insights can be shared, for example, to verify a consumer’s identity, their account balance or details about their transactions. The Data Standards Chair will separately consult with key industry stakeholders, to establish the standards enabling CDR insight disclosures.

Single Consent for Joint Accounts

The amendments seek to simplify the consent process for CDR data sharing, as it relates to joint consumer accounts. Specifically, the Amendments seek to enable the CDR data of joint account holders to be shared with the consent of only one (not both) of those joint account holders. However, Accredited Data Holders must provide joint account holders with the option to change their consent option (for example, to require joint consent for the sharing of CDR data, or to entirely prevent the sharing of any CDR data in respect of the relevant account). It is intended that this joint consent capability will commence in February 2022.

What does this mean for businesses?

These changes will lower barriers to entry for those wishing to participate in the CDR, and for those who have not received CDR accreditation to date, offer new pathways to access CDR data that weren’t available before (that come without the additional burden of the accreditation process). Similarly, for already-accredited organisations, the number and type of organisations with whom they can partner and share CDR data, will be materially increased . This will enable accredited organisations to take advantage of breadth of market expertise, and deliver a better and more efficient customer experience.

In order to prepare for CDR participation and leverage the opportunities presented by it, businesses (whether accredited or not) may need to:

  • develop a board-endorsed, fit-for-purpose CDR strategy;
  • assess the type and extent of consumer data they hold;
  • perform a “readiness assessment” of their technology landscape, including examining the need to bolster their existing data security measures and privacy controls;
  • (if they are data holders) ensure they are able provide data management options for joint account holders;
  • consider their relationships with other parties including affiliates, partners and outsourced service providers, looking for opportunities arising from the CDR (including these recent changes) , particularly in respect of collaboration and innovation that may lead to the best regime-compliant customer experience;
  • implement access and authentication controls in order to enable third party access to relevant data; and
  • assess and implement required changes to existing business processes and policy frameworks related to customer data.

How can DLA piper help?

Data is now the digital gold of contemporary commerce. As CDR becomes increasingly prolific in the market, finding a way to navigate the regulatory and commercial landscape will not only be beneficial, but critical to business growth.

In our experience, preparing for compliance with the CDR will require significant IT and regulatory effort and investment that needs to be planned for now. Having assisted clients in the banking sector in respect of the implementation of the ‘Open Banking’ regime, DLA Piper is well-placed to assist you and your team in understanding the real-world legal, technical, regulatory and commercial issues and challenges surrounding participation in the CDR, whether as an accredited person, sponsor, Principal, Representative or otherwise.

Please contact us for more information as to how we may help you and your business.


[1] by the Competition and Consumer (Consumer Data Right) Amendment (2021 Measures No. 1) Rules 2021 (Cth)

消费者数据权利的管道,以撒下广泛的网 //www.zs-weijie.com/2021/09/consumer-data-right-pipeline-to -cast-a-wide-net/ Anthony Lloyd和Alex Horder 星期一,06 9月2021 08:18:49 +0000 未分类 adi. 农业 银行业 CDR. 竞争与消费行为 消费者数据对 消费者法律 数据 教育 金融服务 食物 一般保险 政府 杂货 健康保险 保险 忠诚 隐私 退休金 电信 运输 //www.zs-weijie.com/?p=6354

Background With the implementation of the Consumer Data Right (CDR) in the banking sector (known as ‘Open Banking’) well under way, the release of draft amendments to the CDR rules for the energy sector, and the continuing development of the framework for implementing the CDR in the telecommunications sector, the Australian Government intends to continue... Continue Reading…

Background

随着消费者数据权(CDR)在银行业(被称为“开放银行”)的实施,< a href = " https://www.dlapiper.com/insights/publications/2021/09/treasury-proposes-draft-rules-for-the-consumer-data-right/ " >释放能源部门的CDR规则修正案(草案)> < /,和持续的发展框架的实现CDR在电信行业,澳大利亚政府打算继续按部门循序渐进地推出CDR,以便在整个经济基础上实施CDR。

2021年7月22日,财政部发布了一份咨询文件,列出了在能源和电信部门完成CDR的实施后,建议接受CDR的目标行业。这些部门包括:

  • 保险(一般保险和健康保险);
  • 杂货;
  • 忠诚计划;
  • 非银行贷款人;
  • 养老金;
  • 运输;
  • 政府;
  • 健康;李和李< / > < >农业。

部门指定

澳大利亚财政部,与ACCC合作,负责根据国库法修正案(消费者数据权)法案2019 (Cth),包括:

  • 相关行业和行业本身在效率、完整性和安全性方面对消费者可能产生的影响;
  • 对个人隐私可能产生的影响
  • 实施CDR规则的潜在监管影响;以及相关行业和更广泛的澳大利亚经济竞争和创新的潜力。

这对企业意味着什么?

Preparing for compliance with the CDR regime will require significant IT and regulatory efforts – we have seen that this has already been the case with clients in the banking sector. Further, the implementation of the CDR will present an opportunity for new, disruptive technologies and new sector participants to emerge, as players try to service customers through a single relationship that crosses multiple sectors.

In order to ready the battlements for CDR implementation and leverage the opportunities presented by it, clients may need to:

  • develop a board-endorsed, fit-for-purpose CDR strategy;
  • assess the type and extent of consumer data that they hold;
  • perform a ‘readiness assessment’ of their technology landscape, including examining the need to bolster their existing data security measures and privacy controls;
  • implement access and authentication controls in order to enable third party access to relevant data; and
  • assess and implement required to changes to existing business processes and policy frameworks related to customer data.

All of this requires significant time, effort and investment that needs to be planned for now.

Clients may also wish to examine opportunities in the market in respect of collaboration with existing entities and innovation, with a view to creating the best regime-compliant customer experience.

How can DLA Piper help?

Having assisted clients in the banking sector in respect of the implementation of the Open Banking regime, DLA Piper is well-placed to assist you in understanding what will be required in implementing the CDR into your business, including in terms of the real-world issues arising with implementation.  We can also work with your team to understand and deal with the legal, technical and regulatory challenges that you will likely face as you begin to navigate the high seas of CDR implementation.

Make no mistake, the technology, business process implementation, training and staffing effort to implement this regime is significant.  It shouldn’t be viewed simply as a regulatory burden, but as an opportunity to grow your customer base and as an essential and key part of your strategy to retain the customers you already have. Please contact us for more information as to how we may help you and your business.