The Consumer Data Right (CDR) rules have been updated to permit accredited intermediaries to collect data on behalf of third party data recipients, providing there is consumer consent.
The CDR has been touted as allowing individuals to "own" their data by granting them open access to their banking, energy, phone, and internet transactions, as well as the right to control who can have it and who can use it.
It officially launched on 1 July.
The CDR aims to help an individual monitor their finances, utilities, and other services, and compare and switch between different offerings more easily. The system also aims to encourage innovation and competition between service providers, including startups.
In the first instance, the mandate applies to banking, but the energy sector[1] is the next cab off the rank, with telecommunications to then follow.
Read more: Australia's Consumer Data Right: Here's everything you need to know[2]
The Australian Competition and Consumer Commission (ACCC) said the amended rules, in place from Friday, mean accredited businesses can now ask other accredited businesses to obtain consumer data on their behalf.
It said the update is intended to facilitate greater participation in the CDR by fintech firms.
The ACCC said the changed rules will, for example, allow an accredited business to use outsourced IT infrastructure and software of an accredited intermediary to connect to data holders' APIs, rather than build their own.
Consumers will be informed during the consent process if an intermediary provider may collect their CDR data, and must be shown the provider's name and accreditation number.
"This is the first in a series of measures to reduce the time and cost to enter and operate in the Consumer Data Right ecosystem," ACCC commissioner Sarah Court said.
"The rule changes also make