Businesses that gather consumer data must state, very clearly, exactly what a customer is opting into Nicole Buisson, Xero With open banking set to roll out in New Zealand in the near future, a major focus for Payments NZ, as well as providers and consumers, is on data privacy and security. The Cambridge Analytica scandal was a watershed moment in consumers’ understanding of how their data can be used.It’s been a rude awakening, but this loss of data innocence is an important step towards a more sophisticated data economy. What we can learn from the rest of the world To consider how data privacy should be governed in New Zealand, we need to start by looking at how other countries are handling it. In Australia, where open banking is set to roll out in the next 12 months, the productivity commission has called for the comprehensive right for consumers to access data held by one organisation and share it with another. The government in Australia is currently working through the appropriate model for data sharing. In contrast, data sharing in the US is being led by the market and there are no proposals to legislate any open banking regime there. In the UK, where open banking was launched in January, banks must create open APIs so customer data can be shared with authorised third-party applications in a secure, common and consistent format. This forces them to shift from being one-stop shops for financial services to open platforms where consumers can start to embrace a more modular approach. No caption It’s inevitable that open banking will hit New Zealand Nicole Buisson, Xero Instead of having all banking through one provider, individuals and firms can have their current account with one provider and then bolt on other financial services such as insurance and mortgages, all under one user interface. Banks are required to provide transaction and product data to customers, who can then share it around with competitors, who will then to be able to share it around with fintechs. The rest of the economy in the UK is watching how the banking sector implements open banking because the government has indicated other sectors will follow – energy, telecommunications, health and education. In New Zealand, the open banking initiative would be the first implementation of what is known as a consumer data right. This would grant consumers open access to their data, as well as the ability to instruct a business to transfer their data to a third party through API-based secure transfer mechanisms. The intention is to make it easier for consumers to access, share, use and, importantly, derive value from their information as well as to foster a more competitive environment among banking providers and other associated businesses. Keeping data safe Open banking in New Zealand will encourage financial services to be distributed over platforms such as Xero. As we look towards this future reality we need to take into account the increased risk of cybersecurity breaches when considering the design of the open banking regime. As a major player in the upcoming open banking movement, and particularly in the wake of the Cambridge Analytica scandal, I believe it is absolutely essential that businesses that gather consumer data state, very clearly, exactly what a customer is opting into. It’s also important that consumers understand that the entity that provides the service to the end customer has the liability to keep data safe. That’s the banks, and other financial providers that handle the banks’ data. It’s inevitable that open banking will hit New Zealand. When – not if – that happens, the business world will need to be ready to help every customers get the absolute best out of this technology, while keeping their data safe. Nicole Buisson is small business director at Xero. Nicole Buisson (second from right) at a fintech forum together with Will Mahon-Heap of Revolut, Rhiannon White of Westpac, Ben Murphy of Spotcap and Edward Berks of Xero UK Get the latest on digital transformation: Sign up forCIO newsletters for regular updates on CIO news, career tips, views and events.Follow CIO New Zealand on Twitter:@cio_nz Related content brandpost Sponsored by Freshworks When your AI chatbots mess up AI ‘hallucinations’ present significant business risks, but new types of guardrails can keep them from doing serious damage By Paul Gillin Dec 08, 2023 4 mins Generative AI brandpost Sponsored by Dell New research: How IT leaders drive business benefits by accelerating device refresh strategies Security leaders have particular concerns that older devices are more vulnerable to increasingly sophisticated cyber attacks. By Laura McEwan Dec 08, 2023 3 mins Infrastructure Management case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Generative AI ICT Partners feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe