The Office of the Australian Information Commissioner (OAIC) has assessed the privacy practices of Australia’s ‘Big Four’ banks in order to ensure they are meeting their obligations.
Australian Information Commissioner and Privacy Commissioner, Angelene Falk said her Office’s investigation had found the banks were generally handling consumer data under the Consumer Data Right (CDR) in an open and transparent way with good privacy practices in place.
“The Consumer Data Right has a strong regulatory framework to protect consumers’ privacy and build confidence in the system,” Commissioner Falk said.
“We are proactively auditing and monitoring providers in the system to ensure these strict privacy safeguards are being upheld, so that consumers can feel confident their data is protected,” she said.
Commissioner Falk said there were 13 legally-binding privacy safeguards that set out consumers’ privacy rights and the obligations on providers collecting and handling their data.
“The OAIC’s first privacy assessment examined how the initial CDR data holders are complying with Privacy Safeguard One, which requires providers to have a policy describing how they manage consumer data, and to implement internal practices, procedures and systems to ensure compliance,” she said.
“Our privacy assessment found the Big Four banks (ANZ, Commonwealth Bank, National Australia Bank and Westpac) are generally complying with the bedrock CDR privacy safeguard.
“Our recommendations and suggestions will assist these data holders and other providers in the system to further embed, review and enhance their privacy practices, so that consumers can continue to use the Consumer Data Right with confidence,” Commissioner Falk said.
