Privacy and data protection
DATA SURVEILLANCE
Under the recently released banking proposal, methods of requesting CDR data include: –– product data requests, where individuals may request CDR data that relates to a product offered by the data holder; and –– consumer data requests, where individuals may request data that relates to themselves. Alternatively, an accredited person may request CDR data on behalf of a consumer for the purpose of providing goods or servicing under a CDR contract with that individual. From 1 July 2019 the rights will apply to all major banks in relation to data on credit, debit cards, deposit, and transaction accounts. Data right on mortgages from major banks will become accessible in February 2020 and remaining products by July 2020. All other banks will follow the same roll-out starting 12 months after the major banks and the ACCC will have the power to adjust timeframes if necessary. The ACCC has flagged the commencement of CDR in the energy sector for the first half of 2020 and Treasury has hinted at the CDR being implemented economy-wide, based on the advice from the ACCC and the OAIC.
The Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (Cth) ( the Assistance and Access Act ) passed both houses of Parliament on 6 December 2018 and took effect on 9 December 2018. The Assistance and Access Act provides government agencies with powers to intercept and monitor electronic communications including communications that are protected by encryption technology. Under the Assistance and Access Act, technical capability / assistancenoticescanbe issued to companies by Australian government agencies, requiring them to remove any encryption and secure authentication on both devices and services so as to allow access to the data. Technical assistance requests may also be issued although compliance is voluntary. The Assistance and Access Act has been met with significant resistance, particularly from technology companies who argue that alteration to their systems to allow for compliance of technical capability notices will weaken their data security protocols and create backdoors which may potentially expose other consumer data. There are also concerns that exporting Australian technology will become more difficult.
Made with FlippingBook flipbook maker