Skip to main content Skip to main navigation Skip to site search Skip to navigation within this section

Breadcrumbs

Home
Business and employment Business Competition regulation and policy Consumer data right Key documents ... Acronyms and Glossary

Acronyms and Glossary

On this page

Accreditation

Proof that a service or provider meets the trust criteria under the draft law and future regulations.

Accredited requestor

 An entity which is accredited under the draft law to request data from a data holder, or request actions by the data holder. While other entities (who are not accredited) can request data or actions, data holders do not have to respond to these. Data holders are only required to respond to a request when the request comes from an accredited requestor and otherwise complies with the safeguards.

Action request

A request from a customer (or an accredited requestor on behalf of a customer), that a data holder perform an action. This could be making payments, or updating information. Sometimes referred to as ‘write access’.

API

Application Programming Interface

Breach

Not acting in accordance with the draft law, or regulations or standards under it.

CDR

Consumer Data Right

Consent

Customer authorisation for an entity to access data or perform an action on their behalf. A customer may revoke or withdraw consent at any time.

Consumer data right

A legal framework that requires businesses that hold data (data holders) to share prescribed data that they hold about customers (customer data) with trusted third parties (accredited requestors) with the consent of the customer.

Customer

A person – whether individual or entity – that acquires goods or services from a data holder.

Customer data

Data relating to a particular customer, eg account histories, transaction data, product usage. For the purposes of the draft law, customer data is only part of the regime where that type of data has been designated and/or the data holder has been designated.

Data holder

An entity that holds data (or is capable of giving effect to an action) to which the consumer data right applies. Only designated entities holding designated data are considered data holders under the draft law.

Designation

The process of choosing a sector and set of product data and customer data to be brought into the regulated data system established by the draft law.

DISTF Act

Digital Identity Services Trust Framework Act 2023

Draft law

The Customer and Product Data Bill

Fintech

Financial technology

IPP

Information Privacy Principle. The Privacy Act sets thirteen privacy principles to govern how businesses and organisations should collect, handle and use personal information.

MBIE

Ministry of Business, Innovation and Employment

Regulated entities

Data holders and accredited requestors.

< Chapter 2: The Customer and Product Data Bill - technical matters and system settings | Unlocking value from our customer data - Discussion document >

Crown copyright © 2024

https://www.mbie.govt.nz/business-and-employment/business/competition-regulation-and-policy/consumer-data-right/key-documents/unlocking-value-from-our-customer-data-discussion-document/acronyms-and-glossary
Please note: This content will change over time and can go out of date.