Current as at May 2025
Terms of Reference
Purpose and Scope
The Data Standards Chair for Digital ID and CDR has the power, under legislation, to establish committees, advisory panels and consultative groups.[1] The Data Standards Advisory Committee (DSAC) advises the Data Standards Chair for Digital ID and CDR on the Data Standards and provides strategic insights into applicable emerging trends. The DSAC's role is to provide strategic, expert, and industry advice on the design, implementation, and continuous improvement of CDR Data Standards and the Digital ID Data Standards, however, it does not hold any decision-making authority.[2]
The Digital ID Data Standards are enabled under the Digital ID Act 2024 and CDR Data Standards enabled under Part IVD of the Competition and Consumer Act 2010. The CCA and associated CDR Rules outline the requirements for DSAC’s operations for CDR and the Digital ID Act 2024 outlines operations for the Digital ID Data Standards.
Responsibilities
Strategic Direction
DSAC provides strategic, expert, and industry advice on the design and implementation of CDR and Digital ID Data Standards. This includes, but is not limited to, regularly reviewing and discussing global trends and innovations in data standards, particularly regarding enabling and supporting Australia’s digital economy, data sharing and use of digital verification.
Consultation on Data Standards
Under the CDR framework, the Chair is required to consult DSAC for their advice before making or amending Data Standards.[3] This ensures transparency, inclusivity, and the incorporation of diverse perspectives in decision-making by the Chair. This is not a specific requirement under the Digital ID framework, however, similar consultation of DSAC members is advised.
Consultative Group Participation
The Chair may also establish Consultative Groups in addition to the DSAC to inform the technical drafting of the Data Standards. These Consultative Groups are at the discretion of the Chair to establish and will be informed by the strategic direction of the Chair, with the advice of the DSAC. Public consultation will include, but is not limited to, the use of Consultative Groups.
Members are required to nominate their interest in involvement with a Consultative Groups relevant to their area(s) of interest. Two DSAC members are selected by the Chair to attend the meetings of each Consultative Group. Those DSAC members ensure the direction of Consultative Group work to develop Data Standards changes is aligned to the strategic direction set by the Chair, informed by DSAC, and is aligned to policy and program priorities. DSAC members perform this role for a six to 12-month period on a rotating basis.
Stakeholder engagement
DSAC members are expected to engage with their own networks and channels to communicate and encourage engagement with the Data Standards Body (DSB) and its consultations, the Australian Digital ID System and the CDR.
Membership
At a minimum, the DSAC must include at least one consumer representative and one privacy representative.[4] DSAC membership may include representatives from various sectors, subject matter experts, and other relevant stakeholders. Membership aims to ensure a balanced and comprehensive representation of interests and knowledge. A skills matrix for membership is included at Attachment A.
DSAC members are appointed by the Data Standards Chair, through an expression of interest (EOI) process managed by the DSB. DSAC members are appointed for a period not exceeding 12 months.[5] The Chair of the DSAC, the Data Standards Chair, may invite observers from government, state and territory governments and others as deemed necessary.[6]
Meetings
DSAC meets at least six times a year and is chaired by the Data Standards Chair (or delegated to by the Chair to an SES employee of the Department). [7]
An annual strategic planning session is held to align the DSAC's activities with long-term goals and emerging trends in data standards and policy and program direction for CDR and Digital ID. This planning session is included in the required six meetings per year.
As part of the DSB’s usual engagement practices, expert workshops may be organised to discuss specific challenges and innovations in data standards which DSAC members may be asked to attend or provide input to these sessions. These workshops are optional and are not included in the minimum meetings per year.
DSAC will be supported by the DSB as the secretariat, which will support the Chair in organising meetings, papers and minute taking. Minutes will be high level communiqué style published and available online.
Annual Review of DSAC
In line with the annual membership review, DSAC’s operation and Terms of Reference may be reviewed by the Chair with the support of the Data Standards Body. The Chair may also evaluate the effectiveness and impact of DSAC and its members as part of this review.
[1] Section 56FH(2) of the Competition and Consumer Act 2010 and Section103 of the Digital ID Act 2024
[2] Section 8.3 of the Competition and Consumer (Consumer Data Right) Rules 2020
[3] Section 8.9(2)(b)(i) of the Competition and Consumer (Consumer Data Right) Rules 2020
[4] Section 8.4(1)(a) of the Competition and Consumer (Consumer Data Right) Rules 2020
[5] Section 7(2) of the Competition and Consumer (Consumer Data Right–Data Standards Advisory Committee) Instrument 2022
[6] Section 9 of the Competition and Consumer (Consumer Data Right–Data Standards Advisory Committee) Instrument 2022
[7] Section 8(2) and 8(2A) of the Competition and Consumer (Consumer Data Right–Data Standards Advisory Committee) Instrument 2022
Attachment A: DSAC Membership - Skills Matrix
| Skills and Experience | Description |
|---|---|
| Digital technology and data economy | Experience in digital technologies, transformation and delivery including from a policy, regulatory, industry or academic perspective. |
| Data sharing | Experience in data sharing and data economy, including from a policy, regulatory, industry or academic perspective. |
| Digital identity and credentials | Experience in digital identity, identity access management, credentials and biometrics. |
| Information security | Experience and knowledge of information security, cyber security and authentication processes. |
| Consumer representation | Demonstrated experience and/or ability to advocate on behalf of consumers within digital initiatives such as CDR or Digital ID. |
| Privacy representation | Demonstrated experience and/or ability to advocate for privacy safeguards within digital initiatives such as CDR or Digital ID |
| Digital regulation | Experience and understanding of regulation particularly as it relates to digital initiatives. |
| Digital and data standards |
Experience in a standards setting context and/or knowledge of processes relating to standards development. Experience in industry application of frameworks and standards |
| Strategy | Experience in developing and implementing long term objectives and plans of action. |
DSAC – Terms of reference – May 2025