The security and integrity of the Consumer Data Right (CDR) system is upheld by the privacy safeguards, contained in the Competition and Consumer Act 2010 (Cth) and supplemented by the CDR Rules.
The privacy safeguards set out the privacy rights and obligations for participants in the CDR.
The 13 privacy safeguards cover:
- Open and transparent management of CDR data
- Anonymity and pseudonymity
- Seeking to collect CDR data
- Dealing with unsolicited CDR data from CDR participants
- Notification of collection
- Use or disclosure of CDR data
- Direct marketing
- Overseas disclosure of CDR data
- Adoption or disclosure of government identifiers
- Notification of disclosure
- Quality of CDR Data
- Security of CDR data and the handling of redundant data
- Correction of CDR data.
The CDR Privacy Safeguard Guidelines outline how the OAIC interprets and applies the privacy safeguards when exercising its CDR functions and powers.