ACCC & DSB | CDR Implementation Call Agenda & Meeting Notes (10th of December 2020)
When: Weekly every Thursday at 3pm-4.30pm AEDT
Location: WebEx, quick dial +61262464433,785383900%23%23
Meeting Details:
Desktop or Mobile Devices
https://csiro.webex.com/csiro/j.php?MTID=m7c39ee9db5e5892ab35cd0bd7bbf94ce
Once connected to your meeting remember to start your audio and video
Please mute when you are not speaking.
Video Conferencing (VC) Rooms
Use the remote control or touch panel and dial the number indicated below:
External VC Room: 785383900@csiro.webex.com
Phones - AUDIO ONLY
- Primary Australia: +61 2 6246 4433
- Quick Dial: +61262464433,785383900%23%23
- Other Global Numbers: https://conferencing.csiro.au/Call-in.php
- Meeting Number/Access Code: 785 383 900
- Introductions
- Actions
- CDR Stream updates
- Q&A
- Any other business
Meeting notes
- 5 min will be allowed for participants to join the call.
The Consumer Data Right Implementation Calls are recorded for note taking purposes. All recordings are kept securely, as are the transcripts which may be made from them. No identifying material shall be provided without the participant's consent. Participants may contact@consumerdatastandards.gov.au should they have any further questions or wish to have any material redacted from the record.
We acknowledge the Traditional Custodians of the various lands on which we work today and the Aboriginal and Torres Strait Islander people participating in this call.
We pay our respects to Elders past, present and emerging, and recognise and celebrate the diversity of Aboriginal peoples and their ongoing cultures and connections to the lands and waters of Australia.
| Type | Topic | Update |
|---|---|---|
| Standards | Version 1.5.1 Published | Link to change log here |
| Standards | Version 1.6.0 Drafted | Link to Project Board with proposed changeshere |
| Standards | Version 1.7.0 Proposed | Link to Project Board with proposed changeshere |
| Maintenance | 5th Maintenance Iteration has wrapped up for 2020 | List of scope and agenda(s) can be found here |
| DSB Newsletter | To subscribe to DSB Newsletter | Link here |
| ACCC Newsletter | To subscribe to ACCC Newsletter | Link here |
| End of Year | Last CDR Implementation Call 10th of December 2020 | First CDR Implementation Call in 2021 is: 14th of January 2021 |
| Feature | Articles changed/ published in the last seven days | CDR Support Portal |
Provides a weekly update on the activities of each of the CDR streams and their workplaces
- ACCC Rules
- ACCC CDR Register (Technical)
- DSB CX Standards
- DSB Technical Standards - Banking
- DSB Technical Standards - Energy & Engineering
No presentation this week.
Questions will be received by the community via WebEx chat before the questions are opened to the floor. Participants can pre-submit questions to the DSB mailing box.
Current received pre-submitted questions:
| Ticket # | Question | Answer |
|---|---|---|
| 214 | Wanting to confirm the following in the phasing table: 1. Part 4 for 1 Feb 2021: is this a MUST timeframe or can FI's fall back to the 1 July 2021 as the MUST date? 2. Part 3 for 1 July 2021: has it been finalised that CDR Consumers (customers/members of the bank) can request their information directly from the FI? |
Thanks for your query. Our revised phasing table and accompanying knowledge article provide details of phasing obligations. For clarity: Part 4 obligations (except (a) the initial data holders in respect of their main brands, and (b) reciprocal data holders) commence from July 2021 the ACCC has granted exemptions from direct to consumer obligations until 1 November 2021, as referred to in our CDR newsletter of 4 June 2020. We are continually considering the expansion of the CDR regime based on stakeholder engagement and feedback, and in this regard, we intend to consult on a new API based model for direct to consumer obligations in early 2021. Any updates on this will be shared via our CDR newsletter. |
| 310 | What are the expectations of the ACCC in the scenario where the customer of the DH ends their relationship with the bank but has an active consent. OUr consent dashboard solution (as no doubt many others' is) is within an eBanking solution. In BAU our customers lose access to eBanking when the customer has no active accounts. In the scenario mentioned this means that the customer will cease to have access to their DH dashboard. In fact, they will cease to be an eligible customer with respect to CDR for the DH (or does that only apply to creating consent?). They will, of course, still have access to their ADR dashboard to revoke consent. We would welcome any comment/feedback on this. | CDR Support Portal Knowledge Article |
| 311 | Is there any special provision for multiple signatory joint accounts (many to sign) , either in phasing or behaviour ? Joint accounts can be either; - 1-to-Sign: Anyone with 'transact' permission on the account can make a payment without approval from other people - Many-to-sign: Any payment made by anyone with 'transact' permission will not be made until it is approved/authorised by 'N other people. (i.e. on a 2-to-sign, 1 other person must approve any payment. Are there any differences expected in the consent or data sharing processes between 1-to-sign joint accounts and many-to-sign joint accounts ? Are there any expected phasing differences from a delivery perspective? |
CDR Support Portal Knowledge Article |
| 339 | Are there any rules around where data must reside (eg. all Data Centres must reside only in Australia and not offshore)? | CDR Support Portal Knowledge Article |
| 356 | How should the profile scope be represented in Consent and Authorisation screens? The profile scope isn't addressed in any of the CX Standards or Guidelines. Should it be dependent on the "common.customer..." scopes? For example, if "openid", "profile", and "bank:accounts.basic:read" are requested, unless there is a way to display the profile scope, the user may expect that no PII is available to the ADR, when this isn't actually the case. |
Thanks for the query and you are correct about the consumer's expectations. The DSB is aware of a gap in CX and technical guidance with respect to the profile scope. We will look to consult on this in the new year. At present, the profile scope should only be included where the consumer also consents to the basic customer data cluster (common:customer.basic:read) or detail customer data cluster (common:customer.detail:read). Note also that the ADR has a responsibility to request the essential claims they wish to receive via UserInfo (e.g. given_name) otherwise they mustn't be returned. |
| 358 | Can it be confirmed if Get Metrics can be shared across multiple brands? | CDR Support Portal Knowledge Article |
| 365 | Is it possible for ADR to request reauthorisation for: 1. For an expired consent. 2. Short term consents (sharing_duration=0) |
No you cannot request reauthorisation for an expired consent. An ADR would need to request a new authorisation and the DH would issue a new cdr_arrangement_id for the new established consent. It is technically valid to request authorisation where the sharing_duration = 0. This would imply one-time collection (sometimes referred to as one-time consent). |
| 370 | From previous question Pending and Posted Transaction duplication, it is clear there is no requirement to match pending and posted transactions. But if the data holder wishes to match the pending and posted transaction, is this okay? The example would be a card authorisation comes through as transaction UUID 1234 with a status of pending. Then when the card transaction settles, the transaction would be updated to have a status of posted and potential other changed data against the same transaction UUID of 1234. Depending on when the data was requested from the data holder, then the data recipient would have updated information against the same transaction UUID. Is this acceptable? |
A: It is perfectly acceptable to allow for this kind of linkage using the transaction ID if you are able to. It just isn't a requirement to facilitate this linkage. |
| Ticket # | Question | Answer |
|---|---|---|
| 107 | Answer in progress | |
| 139 | Answer in progress | |
| 174 | Answer in progress | |
| 189 | Answer in progress | |
| 196 | Answer in progress | |
| 203 | Answer in progress | |
| 209 | Answer in progress | |
| 214 | Answer in progress | |
| 221 | Answer in progress | |
| 225 | Answer in progress | |
| 232 | Answer in progress | |
| 244 | Answer in progress | |
| 250 | Answer in progress | |
| 256 | Answer in progress | |
| 257 | Answer in progress | |
| 259 | Answer in progress | |
| 261 | Answer in progress | |
| 263 | Answer in progress | |
| 265 | Answer in progress | |
| 268 | Answer in progress | |
| 283 | Answer in progress | |
| 290 | Answer in progress | |
| 291 | Answer in progress | |
| 292 | Answer in progress | |
| 293 | Answer in progress | |
| 299 | Answer in progress | |
| 301 | Answer in progress | |
| 303 | Answer in progress | |
| 308 | Answer in progress | |
| 310 | Answer in progress | |
| 311 | Answer in progress | |
| 312 | Answer in progress | |
| 318 | Answer in progress | |
| 319 | Answer in progress | |
| 321 | Answer in progress | |
| 323 | Answer in progress | |
| 324 | Answer in progress | |
| 329 | Answer in progress | |
| 331 | Answer in progress | |
| 333 | Answer in progress | |
| 334 | Answer in progress | |
| 335 | Answer in progress | |
| 336 | Answer in progress | |
| 337 | Answer in progress | |
| 338 | Answer in progress | |
| 339 | Answer in progress | |
| 340 | Answer in progress | |
| 341 | Answer in progress | |
| 346 | Answer in progress | |
| 347 | Answer in progress | |
| 350 | Answer in progress | |
| 351 | Answer in progress |
- TBA
Photo by Lynda Hinton on Unsplash