Consumer Control: CX Workshop Summary

Dear Consumer Data Right participants and other interested parties,
On the 22nd October, participants from over 30 organisations representing Data Holders, Data Recipients, Consumer Advocacy Groups, and other industry representatives joined the CX Workstream and a variety of government agencies for a workshop in Sydney.

The overall purpose of the workshop was to generate ideas and directions for how to provide more control in the CDR regime. For more information on the focus and scope of the workshop please view our workshop invite

The feedback and artefacts from the workshop will be used to inform both the direction of the CX Workstream and also any decisions to be made by the Chair of the Data Standards Body and ACCC as appropriate.


Following a similar approach to previous CX Workshops, several organisations opened the day by presenting information relating to consumer control and data sharing in general. 

A summary of each presentation can be found below:

Greater than X
Active data sharing requires information sharing ecosystems that are safe and that give people control and agency. Control is mutually related to value appropriation. People can’t make an active and informed choice without the ability to appropriate the value of what they’re doing. 
View presentation

Partial and full modifications to consents should exist. There should be new consent records for any modified consents. Data recipients should be allowed to pre-select currently shared data types, uses and periods for re-authorisation.

Data Action
Consumers should only be able to opt out of data sets that aren’t critical to the sharing arrangement (mandatory to provide the product/service).
Consumers who opt out of sharing a particular data group should be alerted to the consequences of doing so.
View presentation

Publicis Sapient
The foundational ingredients of a good experience are: light (timely), ethical (transparent), accessible (inclusive) and dataful (ability to anticipate user needs). 
View presentation

*Note: some organisations have agreed to share their workshop presentations publicly. They are available via the ‘view presentation’ links above.

CX Workstream presentation
The CX Workstream presented findings from the literature and several tangible examples of how consumer control may be provided in the regime. Our thinking on this topic has been informed by the disciplines of anthropology, sociology, behavioural economics, psychology, computer science, and by looking to existing implementations around the world.
View presentation

Prioritisation of key issues and opportunities

Workshop participants had the opportunity to reflect on the views and possibilities raised throughout the morning. Participants identified areas that were seen to be key issues and opportunities.

Five key areas were identified during a group prioritisation activity. These included:

  1. Achieving comprehension, simplicity and coherence in the face of complexity
  2. Mitigating the consequences of consumers not sharing data required for the use case
  3. Presenting a re-authorisation request
  4. Resolving discrepancies between data holder and data recipient dashboards
  5. Designing for amended consents

Group concepts

The afternoon focused on group-based ideation activities to unpack and explore each of these key areas. Each group came up with problem statements and collaborated on solutions together.

The final group concepts are listed below*

*Group 5 did not present a concept.

Group 1:
How might we enable consumers to continue a relationship with a CDR entity simply?
Group 1 designed a concept for amending data sharing during re-authorisation. This includes showing a summary of the changes made to the sharing arrangement.

Group 2: 
As a customer, I want control over the data I have shared and any amendments I make to be reflected across the data recipient and data holder.
Group 2 proposed ways for more communication to occur between data holders and data recipients to provide consumer control and a better consumer experience regardless of which dashboard a consumer might use. This included data recipient provided withdrawal messages, the communication of data recipient redundant data handling policies, the communication of changes from data holders to data recipients, and the ability to elect the right to delete from a data holder dashboard.

Group 1's concept
Group 2's concept

Group 3: 
How might we outline to users the bare minimum data required to get the key outcome they require?
Group 3 proposed a concept to apply data minimisation at a permissions level and give consumers the option to share additional information for extra features. These would be separate to the required data needed to provide a service.

Group 3's concept

Group 4: 
How might we provide consumers with a simple experience so that they are not loaded with information? (with concentration on consumer dashboards)
Group 4 proposed a consumer dashboard concept that allows users to drill down based on need and context. As the data holder dashboard only shows limited information, Group 4 suggested that the consumer should not be able to amend consent from data holder dashboards.

Group 6: 
How might we help consumers understand that data they don’t share will affect the value the data recipient can provide?
Group 6 proposed a concept to show consumers the consequences of not sharing required data during the consent flow. This includes the data recipient alerting the consumer that not sharing required data will result in disruptions to their desired product/service.

Group 4's concept
Group 6's concept

Group 7: 
How might we make it simple for consumers to understand what reauthorisation is?
Group 7 proposed a concept for re-authorisation that allows the consumer to amend their sharing arrangement including data types, sharing duration, data retention settings, data permissions and bank accounts. The latter would include authentication with the data holder to amend this information.

Group 8: 
How might design for the complex while providing for simplicity?
Group 8 proposed a concept that allows the consumer to choose what level of control they would like to have over data sharing before going through the consent flow. This concepts also includes an interactive experience that helps the consumer understand what they might be getting based on the level of information shared.

Group 7's concept
Group 8's concept

Next steps

The CX Workstream is currently reviewing all of the workshop inputs (the presentations shared by participants) and workshop outputs (the concepts generated as summarised above). 

The workshop outputs will be reviewed for consideration in Phase 3 CX research, and to inform future standards. The outputs from the day will be used to help frame and inform decisions to be made by the Chair of the Data Standards Body and ACCC as appropriate.

Keep in touch

  • Sign up to our mailing lists
  • See our past updates
  • Find other information on the Consumer Data Standards website
  • View the online presence of other technical workstreams on Github
  • If you would like to participate in any of our discussions across the four streams or provide any feedback, you can do so via email to

Best regards,
The CX Workstream