Commonwealth Consolidated Acts

[Index] [Table] [Search] [Search this Act] [Notes] [Noteup] [Previous] [Next] [Download] [Help]

COMPETITION AND CONSUMER ACT 2010 - SECT 56BC

Rules about disclosure, collection, use, accuracy, storage, security or deletion of CDR data for which there are CDR consumers

Required disclosures in response to valid requests

  (1)   Without limiting paragraph   56BB(a), the consumer data rules may include the following rules:

  (a)   requirements on a CDR participant for CDR data to disclose all or part of the CDR data, in response to a valid request by a CDR consumer for the CDR data, to:

  (i)   the CDR consumer for use as the CDR consumer sees fit; or

  (ii)   an accredited person for use subject to the privacy safeguards; or

  (iii)   a data holder of other CDR data;

  (b)   rules about:

  (i)   how a CDR consumer for the CDR data may make a valid request of the kind described in paragraph   (a); and

  (ii)   what must be included in a request for it to be valid, what disclosures or other matters a valid request may cover, and when a request ceases to be a valid request;

  (c)   requirements on a person (other than a CDR consumer for the CDR data) to satisfy in order to be disclosed the CDR data in the way described in paragraph   (a).

Note 1:   The requirements described in paragraph   (a) could, for example, include a requirement that the disclosure be in accordance with the relevant data standards.

Note 2:   A fee may be charged for such a disclosure if the CDR data is chargeable CDR data, unless section   56BU provides otherwise.

Authorised disclosures or use in accordance with valid consents

  (2)   Without limiting paragraph   56BB(a), the consumer data rules may include the following rules:

  (a)   rules authorising a CDR participant for CDR data to disclose all or part of the CDR data to a person in accordance with a valid consent of a CDR consumer for the CDR data;

  (b)   rules authorising a person to use CDR data in accordance with a valid consent of a CDR consumer for the CDR data;

  (c)   rules about:

  (i)   how a CDR consumer for the CDR data may make a valid consent of the kind described in paragraph   (a) or (b); and

  (ii)   what must be included in a consent for it to be valid, what disclosures, uses or other matters a valid consent may cover, and when a consent ceases to be a valid consent.

Note:   Fees may be charged for these disclosures or uses.

Other rules

  (3)   Without limiting paragraph   56BB(a), the consumer data rules may include the following rules relating to CDR data for which there are one or more CDR consumers:

  (a)   rules relating to the privacy safeguards;

  (b)   other rules relating to the disclosure, collection, use, accuracy, storage or security of the CDR data that affect:

  (i)   an accredited person; or

  (ii)   a CDR participant, or CDR consumer, for the CDR data;

  (c)   other rules relating to the deletion of the CDR data that affect:

  (i)   an accredited person; or

  (ii)   an accredited data recipient of the CDR data; or

  (iii)   a CDR consumer for the CDR data.

Note 1:   Subsection   56BD(3) limits how such rules can affect a data holder.

Note 2:   The rules may deal with similar or additional matters to those in the privacy safeguards. When doing so, the rules will need to be consistent with those safeguards (see subsections   56EC(1) and (2)).

Note 3:   The rules must include a requirement on an accredited data recipient to delete all or part of the CDR data in response to a valid request by a CDR consumer for the CDR data (see section   56BAA).



AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback