The Business Council supports giving consumers greater access and control over their personal and transaction data.
The concept of a Consumer Data Right (CDR) was recommended by the Productivity Commission and Open Banking Review, to allow consumers the right to access their personal and transaction data and request transfer of that data to third parties. The Business Council has supported the Productivity Commission’s concept and design of a CDR.
However, the exposure draft is fundamentally and unexpectedly different to the recommendations of the Productivity Commission, and other previous reviews.
As it currently stands, we anticipate the draft legislation could potentially: undermine the privacy and cyber security of consumers’ data; cause tremendous confusion, uncertainty and regulatory burden for businesses – especially small and medium businesses; and put Australian companies at a competitive disadvantage, relative to their international competitors, when investing or innovating in data. Much of the risk arises from aspects of the draft legislation that go beyond the original policy objective of data portability.
A policy change of such magnitude should not be rushed, so risks can be fully considered. This submission proposes drafting suggestions to achieve the same policy objective – data portability – and bring the CDR back in line with the Productivity Commission’s approach.