Latest Products

Privacy Concerns : Enforcement & Investigation

Friday 15 July 2022

CDR Penalties
Consumer Data Right (CDR) was introduced to improve competition and consumer outcomes.

 Though the banks were the first to be captured by the CDR,  IT staffing shortages caused by the  COVID-19 pandemic meant that meeting the data sharing requirements were delayed.

The Bank of Queensland (BOQ)  paid $133, 200 in penalties for not for not providing an avenue for sharing consumer data until five months after the required time.

The Australian Competition and  Consumer Commission (ACCC) said in formal statement requirements, “If CDR participants do not comply with their obligations, the ACCC will consider taking enforcement action in line with the CDR Compliance and Enforcement Policy. This can include administrative outcomes, enforceable undertakings, infringement notices, suspension, or revocation of accreditation, or commencing court proceedings.”

The regulator said that it did take into consideration the delays that would have been caused by the pandemic.

“In deciding to issue an infringement notice to Bank of Queensland, the ACCC took into account a number of factors, including the period of alleged non-compliance, the number of customers potentially impacted, the resourcing constraints Bank of Queensland faced in developing its CDR infrastructure and the steps it took to limit the duration of its non-compliance.”
Collecting Biometric Data
Consumer advocate group CHOICE said in a formal statement earlier this week that they welcomed the information and privacy regulators choice to investigate.
This the response comes almost month after the CHOICE investigation the OAIC’s announcement that they would commence investigation into the issue.

At the time OAIC Commissioner Angelene Faulk said in formal statement, “In line with community attitudes, retailers should consider whether they can achieve their goals in a less privacy intrusive way.”

CHOICE Consumer Data Advocate Kate Bower said in an official statement, “We know this investigation struck a nerve with the Australian community, who have expressed significant concern about the use of facial recognition technology in Bunnings and Kmart stores.”

Click here to see the privacy code amendment for credit reporting.