Consumer Data Right

In May 2017, the Productivity Commission released a report 'Data Availability and Use'Productivity Commission 2017, [https://www.pc.gov.au/inquiries/completed/data-access/report Data Availability and Use], Report No. 82, Canberra that recommended, among other things, a new 'Comprehensive Right' for consumers.{{Cite web |last=Lake |first=Jessica |title=Data availability report presents compromised rights for consumers |url=http://theconversation.com/data-availability-report-presents-compromised-rights-for-consumers-76137 |access-date=2022-12-12 |website=The Conversation |date=9 May 2017 |language=en}}{{Cite web |last=Buckley |first=Ross |title=More than banking done right, consumer data rights are set to transform our lives |url=http://theconversation.com/more-than-banking-done-right-consumer-data-rights-are-set-to-transform-our-lives-166036 |access-date=2022-12-12 |website=The Conversation |date=25 August 2021 |language=en}} This proposed new right would allow consumers to access and correct data about themselves held by product or service providers. It would also allow a consumer to have a machine-readable copy of their consumer data provided either to them or directly to a nominated third party, such as a new service provider.

In November 2017, the Australian Government announced plans to legislate a national 'Consumer Data Right', which would allow customers open access to their banking, energy, phone and internet transactions data.{{Cite web |title=Australians will own their banking and internet data under new legislation |url=https://www.zdnet.com/article/australians-will-own-their-banking-and-internet-data-under-new-legislation/ |access-date=2022-12-13 |website=ZDNET |language=en}}{{Cite web |last=Easton |first=Stephen |date=2017-11-27 |title=Feds promise 'sector-by-sector' data rights, more data reforms in a few weeks |url=https://www.themandarin.com.au/86466-feds-promise-sector-by-sector-data-rights-more-data-reforms-in-a-few-weeks/ |access-date=2022-12-13 |website=The Mandarin |language=en-US}} {{Cite web |last=Philipson |first=Graeme |date=2017-11-27 |title=Consumers to own their own data, with new bill |url=https://www.governmentnews.com.au/consumers-data-new-bill/ |access-date=2022-12-13 |website=Government News |language=en-US}}

In 2019, the Australian Parliament passed the 'Treasury Laws Amendment (Consumer Data Right) Bill 2019' to create the Consumer Data Right (CDR);{{Cite web |title=Treasury Laws Amendment (Consumer Data Right) Bill 2019 |url=https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6370 |website=Australian Parliament House}} the bill inserted a new part (Part IVD - Consumer Data Right) into the Competition and Consumer Act 2010,Sullivan, C. (2022). The new Australian Consumer Data Right: An exemplary model for Open Banking. WIREs Forensic Science, 4( 5), e1458. https://doi.org/10.1002/wfs2.1458, page 3 and amended the Australian Information Commissioner Act 2010 and Privacy Act 1988.Julie McKay and Jamie Leach(2022), The Australian Consumer Data Right: The Promise of Open Data, Chapter 10, Jeng, Linda (ed.), Open Banking (New York, 2022; online edn, Oxford Academic, 24 Mar. 2022), https://doi.org/10.1093/oso/9780197582879.001.0001, page 201

The CDR legislationThe Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 5.

• provides individuals and businesses (consumers) with a right to efficiently and conveniently access specified data in relation to them held by businesses (data holders).
• authorises secure access to this data by trusted and accredited third parties (accredited data recipients).
• requires businesses (data holders) to provide public access to information on specified products they have on offer.

The CDR legislation establishes a framework to enable the CDR to be applied to various sectors of the economy over time.The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 17.

The CDR legislation gives the Minister (responsible for the CDR) powers to designate a sector for which the CDR will apply. The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 11. The Minister designates a sector through a legislative instrument. In the instrument, the Minister designates a sector by specifying:The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 12.

• classes of information (designated data)
• businesses (data holders) who hold one or more of those classes of information

The Minister, in the instrument, may also designate a ‘gateway’, or multiple ‘gateways’ to facilitate the transfer of data between a data holder and accredited data recipient or the consumer;The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 20 a gateway typically would be an Australian Government entity, or a body within the effective control of the Australian Government or an Australian state or territory government.The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 20-21

The table below summarizes designations made so far:

The designation instrument itself does not impose data sharing obligations.Elizabeth Kelly (2022), [https://treasury.gov.au/publication/p2022-314513 Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 15. The requirement to disclose particular data emanates from the CDR rules, which provide the framework for how the CDR operates in a particular sector.

The CDR rules are a legislative instrument made (by the Minister) under section 56BA of the Competition and Consumer Act 2010.Parliament of Commonwealth of Australia, [https://www.legislation.gov.au/Details/F2022C00187 Competition and Consumer (Consumer Data Right) Rules 2020], Compilation No. 7 The rules cover all aspects of the CDR framework including:

• Product data requests
• Consumer data requests made by eligible CDR consumers
• Consumer data requests made by accredited persons
• Accreditation
• Dispute resolution
• Privacy safeguards
• Data standards

The rules are applied universally across all sectors of the economy to the extent possible. The rules are being progressively updated as the CDR evolves and expands. The current version of the rules are available from [https://www.legislation.gov.au/F2020L00094/latest/text here].

How CDR participants (data holders, accredited data recipients and gateways) comply with the requirements of the CDR rules are set out in a set of technical specifications called 'Consumer Data Standards'.

The Consumer Data Standards are specifications for how information technology solutions must be implemented to ensure safe, efficient, convenient and interoperable systems to share data. The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 7. The data standards are binding if required by CDR rules;The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 48. however, the standards are not a legislative instrument, in themselves.

The data standards are made by a Data Standards Chair (on the advice of a Data Standard Body). The Data Standards Chair, who is a person appointed by the Minister, makes the data standards in accordance with the sectoral designations and the CDR rules.the Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 47.

The data standards must be published on the internet and be freely available; the current data standards are available from [https://consumerdatastandards.gov.au/ here]. To adapt to changing demands for functionality and available technology solutions, the data standards are living documents subject to continual change.

The governance of the CDR framework is shared across:

• Minister (responsible for the CDR)
• Australian Treasury
• Australian Competition and Consumer Commission (ACCC)
• Data Standards Chair and Body
• Office of the Australian Information Commissioner (OAIC)

The Minister, as well as having the power to designate sectors (for which the CDR will apply), has the power to make CDR rules; up until February 2021, the ACCC was the agency responsible for making CDR rules.Elizabeth Kelly (2022), [https://treasury.gov.au/publication/p2022-314513 Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 87

The Australian Treasury, in addition to providing the Minister with policy advice regarding the CDR and its future directions, is also responsible for consulting for, and advising the Minister on sector designations, and developing the CDR rules; up until February 2021, these responsibilities were performed by the ACCC.

The ACCC is responsible for regulation of the CDR framework, including compliance and enforcement of the rules and standards. It is also responsible for accreditation of CDR participants (holders, recipients, etc);The Parliament of the Commonwealth of Australia (2019), Treasury Law Amendment (Consumer Data Right) Bill 2019, [https://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r6370_ems_ce513d68-7222-49f4-a2fe-67e1c2b32fed/upload_pdf/712911.pdf;fileType=application%2Fpdf EXPLANATORY MEMORANDUM], page 11. the ACCC, among other things, maintains a register of accredited CDR participants called the [https://www.cdr.gov.au/find-a-provider Consumer Data Right Register].{{Cite web |last=Commission |first=Australian Competition and Consumer |date=2018-10-02 |title=The Consumer Data Right |url=https://www.accc.gov.au/focus-areas/the-consumer-data-right |access-date=2022-11-22 |website=Australian Competition and Consumer Commission |language=en}} The ACCC can also grant exemptions from provisions of the CDR rules (as part of its enforcement responsibilities); it maintains a separate public [https://www.accc.gov.au/public-registers/consumer-data-right-exemptions-register register] for granted exemptions. {{Cite web |last=Commission |first=Australian Competition and Consumer |date=2020-03-27 |title=Consumer data right exemptions register |url=https://www.accc.gov.au/public-registers/consumer-data-right-exemptions-register |access-date=2022-11-22 |website=Australian Competition and Consumer Commission |language=en}}

The role of the Data Standards Body is currently undertaken by the Australian Treasury; until February 2021, Data61 (CSIRO) performed the role of the Data Standards Body.

The OAIC oversees matters relating to the protection of consumer privacy and confidentiality, and compliance with the CDR Privacy Safeguards. The OAIC can also investigate a consumer complaint about how a CDR participant has handled the consumer's data; the OAIC may refer complaints to relevant external dispute resolution bodies or the ACCC.{{Cite web |title=CDR regulation |url=https://www.oaic.gov.au/consumer-data-right/cdr-regulation |access-date=2022-11-22 |website=Home |language=en}}

The Australian government has been implementing ('rolling out') the CDR on a sector-by-sector basis. The CDR was first implemented in the banking sector, following that sector's designation in September 2019; though, prior to the sector's designation, work on the CDR rules{{Cite web |last=Commission |first=Australian Competition and Consumer |date=2019-03-27 |title=CDR draft rules (banking) |url=https://www.accc.gov.au/focus-areas/consumer-data-right-cdr-0/cdr-draft-rules-banking |access-date=2022-12-07 |website=Australian Competition and Consumer Commission |language=en}} and Consumer Data Standards for banking had already begun,{{Cite web |last=CSIRO |title=Data61 appointed to Data Standards Body role |url=https://www.csiro.au/en/news/news-releases/2018/data61-appointed-to-data-standards-body-role |access-date=2022-12-07 |website=www.csiro.au |language=en}} and major banks in Australia had already made selected data for their products publicly available.{{Cite web |last=CSIRO |title=Data Standards Body welcomes initial live use of banking Product Reference Data standards |url=https://www.csiro.au/en/news/news-releases/2019/data-standards-body-welcomes-initial-live-use-of-banking-product-reference-data-standards |access-date=2022-12-07 |website=www.csiro.au |language=en}}

The foundational CDR rules commenced in February 2020,{{Cite web |last=Commission |first=Australian Competition and Consumer |date=2020-03-03 |title=Commencement of CDR Rules |url=https://www.accc.gov.au/focus-areas/consumer-data-right-cdr-0/commencement-of-cdr-rules |access-date=2022-12-07 |website=Australian Competition and Consumer Commission |language=en}} and the CDR was formally launched in July 2020,{{Cite web |last=Commission |first=Australian Competition and Consumer |date=2020-07-01 |title=Consumer Data Right goes live for data sharing |url=https://www.accc.gov.au/media-release/consumer-data-right-goes-live-for-data-sharing |access-date=2022-12-07 |website=Australian Competition and Consumer Commission |language=en}}{{Cite web |title=Consumer Data Right for banking goes live |url=https://www.itnews.com.au/news/consumer-data-right-for-banking-goes-live-549932 |access-date=2022-12-11 |website=iTnews}} when selected consumer data sharing obligations for four major Australian banks became mandatory. Other banks and bank data have been progressively included in a phased manner over the years since the CDR launch.Australian Government, [https://www.cdr.gov.au/rollout CDR website], The majority of Australian banking consumers are now able to share their data through the CDR framework;Elizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 15. in the banking industry, this data sharing often goes under the moniker 'Open Banking'. Podder, S. (2021). Australian open banking: the regulatory dilemma of balancing different policy objectives. Australian Journal of Competition and Consumer Law, 29(1), 15-28.

In November 2021, the Minister amended the CDR rules to expand the CDR to the energy sector.{{Cite web |title=Consumer Data Right rolled out to the energy sector {{!}} Treasury Ministers |url=https://ministers.treasury.gov.au/ministers/jane-hume-2020/media-releases/consumer-data-right-rolled-out-energy-sector |access-date=2022-12-07 |website=ministers.treasury.gov.au|date=12 November 2021 }} In October 2022, product-data sharing in the energy sector commenced under the CDR framework; in this context, products include electricity, gas and dual fuel plans. {{Cite web |title=CDR in the energy sector |url=https://www.cdr.gov.au/rollout/cdr-energy-sector |website=CDR}} In November 2022,{{Cite web |title=Consumer Data Right goes live for energy sector {{!}} Treasury Ministers |url=https://ministers.treasury.gov.au/ministers/stephen-jones-2022/media-releases/consumer-data-right-goes-live-energy-sector |access-date=2022-12-07 |website=ministers.treasury.gov.au|date=18 November 2022 }} consumer-data sharing commenced for customer data held by the Australian Energy Market Operator (gateway), and selected energy retailers; consumer data relate to the sale or supply of electricity, including where electricity is bundled with gas.

In January 2022, the Minister (responsible for the CDR) designated the telecommunications sector as the third CDR sector, following banking and energy.{{Cite web |title=More power to compare and switch telco providers and share finance data {{!}} Treasury Ministers |url=https://ministers.treasury.gov.au/ministers/jane-hume-2020/media-releases/more-power-compare-and-switch-telco-providers-and-share |access-date=2022-12-07 |website=ministers.treasury.gov.au|date=24 January 2022 }} In September 2022, Australian Treasury published draft changes to CDR rules to expand the CDR to the telecommunication sector.{{Cite web |title=Consumer Data Right rules - expansion to the telecommunications sector and other operational enhancements {{!}} Treasury.gov.au |url=https://treasury.gov.au/consultation/c2022-315575 |access-date=2022-12-07 |website=treasury.gov.au}}

In December 2022, the Minister designated the non-bank lending sector;{{Cite web |title=Expanding Consumer Data Right to non-bank lenders {{!}} Treasury Ministers |url=https://ministers.treasury.gov.au/ministers/stephen-jones-2022/media-releases/expanding-consumer-data-right-non-bank-lenders?F%20external |access-date=2022-12-07 |website=ministers.treasury.gov.au|date=30 November 2022 }} Australian Treasury also released a design paper on CDR rules and data standards for non-bank lending sector.{{Cite web |title=Consumer Data Right rules and data standards design paper for non-bank lending sector {{!}} Treasury.gov.au |url=https://treasury.gov.au/consultation/c2022-341682 |access-date=2022-12-07 |website=treasury.gov.au}}

In September 2022, the Australian Government released{{Cite web |title=Statutory Review of the Consumer Data Right - Report {{!}} Treasury.gov.au |url=https://treasury.gov.au/publication/p2022-314513 |access-date=2022-12-19 |website=treasury.gov.au}} an independent statutory review{{Cite journal |last=Kelly |first=Elizabeth |date=2022-09-29 |title=Statutory review of the Consumer Data Right: report |url=https://apo.org.au/node/319728 |language=en}} into the CDR framework, and its implementation over the past few years.{{Cite web |date=2022-10-03 |title=Review cybersecurity for consumer data right: report |url=https://www.afr.com/politics/federal/review-cybersecurity-for-consumer-data-right-report-20221003-p5bmry |access-date=2022-12-16 |website=Australian Financial Review |language=en}}

The Review foundElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 6 the CDR framework has been 'broadly effective' in the rollout of the CDR to date.{{Cite web |date=2022-10-04 |title=Data quality issues holding back CDR scheme: report |url=https://www.innovationaus.com/data-quality-issues-holding-back-cdr-scheme-report/ |access-date=2022-12-14 |website=InnovationAus.com |language=en-AU}} However, the Review heardElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 3 'that participants in the CDR are still waiting for the scheme to deliver broad and tangible benefits to consumers, as well as to system participants – including data holders and data recipients'.  And the Review noted 'innovative product offerings are only starting to become available, meaning significant consumer benefits are yet to be realised'.

The Review heardElizabeth Kelly (2022), Statutory Review of the Consumer Data Right, The Australian Government (the Treasury), page 28 that the success of the CDR to date has been difficult to gauge due to the lack of visibility of public success measures for the CDR as a whole. The Review noted the [https://www.cdr.gov.au/ CDR website] (at the time of the review) offers some performance metrics and notedElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 29 that 'significant effort' is underway within CDR agencies to expand these measures, but it argued that these metrics 'could be improved with additional data relevant to the growth of the ecosystem',

The Review heardElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 31 that many businesses 'have continued to use screen scraping despite the possibility of receiving data through the CDR'. Review submissions cited the 'ease and lower cost' of screen scraping and inconsistent CDR data quality{{Cite web |last=Bajkowski |first=Julian |date=2022-10-01 |title=Consumer Data Right review wants 'screen scrapers' banned fast |url=https://www.themandarin.com.au/201438-consumer-data-right-review-wants-screen-scrapers-banned-fast/ |access-date=2022-12-23 |website=The Mandarin |language=en-US}} as reasons for the continued use of screen scraping. The Review arguedElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 1 that data quality must improve to provide a viable alternative to screen scraping and recommendedElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Righ]t, The Australian Government (the Treasury), page 32 that screen scraping be banned in the near future in sectors where the CDR data provides a viable alternative.{{Cite web |last=Bajkowski |first=Julian |date=2022-10-01 |title=Consumer Data Right review wants 'screen scrapers' banned fast |url=https://www.themandarin.com.au/201438-consumer-data-right-review-wants-screen-scrapers-banned-fast/ |access-date=2022-12-23 |website=The Mandarin |language=en-US}}

The Review notedElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 25. that whilst direct‐to‐consumer data sharing is a key part of the CDR, the CDR rules do not currently oblige the sharing of data directly to consumers. The Review heardElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 25 that direct‐to‐consumer data sharing could increase risks (of fraud and to privacy), without significant benefits to consumers. While the Review recognisesElizabeth Kelly (2022), [https://treasury.gov.au/sites/default/files/2022-09/p2022-314513-report.pdf Statutory Review of the Consumer Data Right], The Australian Government (the Treasury), page 27. 'the potential self‐interest inherent in the cohort of data holders and recipients advocating for restricting direct‐to‐consumer data access', it agreed that the framework may require further consideration if direct‐to‐consumer data sharing is to be enabled.

The Review, which was released after the 2022 Opus cyber hacks, stated{{Cite web |date=2022-10-03 |title=Review cybersecurity for consumer data right: report |url=https://www.afr.com/politics/federal/review-cybersecurity-for-consumer-data-right-report-20221003-p5bmry |access-date=2022-12-19 |website=Australian Financial Review |language=en}} that it generally did not hear many concerns from stakeholders about the cyber security settings of the CDR. Nonetheless, the Review recommended{{Cite web |date=2022-10-03 |title=Review cybersecurity for consumer data right: report |url=https://www.afr.com/politics/federal/review-cybersecurity-for-consumer-data-right-report-20221003-p5bmry |access-date=2022-12-19 |website=Australian Financial Review |language=en}} that the Government should consider undertaking a whole of ecosystem cyber security assessment.{{Cite web |date=2022-10-03 |title=Review cybersecurity for consumer data right: report |url=https://www.afr.com/politics/federal/review-cybersecurity-for-consumer-data-right-report-20221003-p5bmry |access-date=2022-12-23 |website=Australian Financial Review |language=en}}

The Australian Government is proposing to extend the CDR legislation to enable a consumer (through an accredited third party) to initiate an action with a (designated) business.{{Cite web |title=Consumer Data Right - Exposure draft legislation to enable action initiation {{!}} Treasury.gov.au |url=https://treasury.gov.au/consultation/c2022-317468 |access-date=2022-12-05 |website=treasury.gov.au}} The types of 'actions' could include:Australian Treasury, [https://treasury.gov.au/sites/default/files/2022-09/c2022-317468-proposed-changes-summary.pdf Exposure draft legislation to enable action initiation in the Consumer Data Right], Summary of proposed changes, September 2022, page 1.

• making a payment;
• opening and closing an account;
• switching providers; and

• updating personal details (such as an address)

In December 2022, the Australian Government introduced into parliament legislation that would extend the functionality of the Consumer Data Right (CDR) to "enable Australian consumers and small business to safely and conveniently instruct accredited third parties to initiate CDR‑powered actions with their consent and on their behalf."{{Cite web |title=Expanded CDR legislation to make online tasks safer and easier {{!}} Treasury Ministers |url=https://ministers.treasury.gov.au/ministers/stephen-jones-2022/media-releases/expanded-cdr-legislation-make-online-tasks-safer-and |access-date=2022-12-08 |website=ministers.treasury.gov.au|date=2 December 2022 }}

• [https://www.cdr.gov.au/ Australian Government's Consumer Data Right website]
• [https://www.legislation.gov.au/Series/F2020L00094 Competition and Consumer (Consumer Data Right) Rules 2020]
• [https://consumerdatastandards.gov.au/ Consumer Data Standards website]
• [https://treasury.gov.au/policy-topics/economy/consumer-data-right Australian Treasury page on the CDR]
• [https://www.accc.gov.au/focus-areas/the-consumer-data-right Australian Consumer and Competition Commission page on the CDR]
• [https://www.accc.gov.au/public-registers/consumer-data-right-exemptions-register Australian Consumer and Competition Commission's public register of CDR exemptions]
• [https://www.oaic.gov.au/consumer-data-right Office of the Australian Information Commissioner page on the CDR]

Category:Law of Australia