From Q4 2018 to Q1 2024, 1035 unique consumer-participants have been engaged for CX research. 20 of these participants have been reengaged on 2+ occasions.

Research focused on recruiting consumers with differing attitudes, literacies, and access requirements, as well as those with varied backgrounds, needs and experiences. A wide range of characteristics were used to screen consumer-participants to span the broad and wide-ranging definitions of vulnerability used by industry and the community sector.

From 2020 to 2022, the Consumer Policy Research Centre (CPRC) was engaged to prepare a series of consumer research reports for the DSB, on subjects identified as being priority topics by DSB, CPRC, consumer advocates and community groups. The research reports derived findings through direct engagement with community sector stakeholders; reference to CPRC’s broader consumer policy research activities; and analysis of existing material relating to consumer experiences of data markets, the CDR, and consumer data reforms in other jurisdictions.

Research findings provided advice on consumer needs, expectations, risks and opportunities related to:

For additional and detailed findings, see CPRC reports.

In June 2019, an accessibility review conducted by GippsTech recommended that CDR participants be required to comply with Web Content Accessibility Guidelines (WCAG) 2.1 (in particular guidelines 1.4, 2.1, 2.5, 3.1, and 3.3) to promote visual accessibility and readability. These recommendations informed the development of the CX Accessibility Standards, which require CDR participants to seek to comply with these aspects of the WCAG.

CX research with 306 consumer-participants was conducted to test and inform the development of data language standards for banking, energy and in anticipation of the telecommunications sectors introduction to the CDR. Out of these consumer-participants, almost half had diverse backgrounds, needs and experiences. The findings from 4 rounds of research (Q2 2019 to Q3 2022) were used to inform the Data Language Standards.

The research indicated that consumers who had experienced vulnerability or disadvantage were more inclined to be concerned about harm arising from data sharing. Consumer-participants explained that transparency would help alleviate these concerns. Transparency can be achieved through the use of accordions to segment, organise and surface important information without creating additional cognitive load for those who are not seeking additional details.

Research showed that those with joint accounts in "negative" relationships did not want the other account holder to be notified of data sharing activity. The rules allow joint account holders ‘flagged’ as vulnerable to be treated as individual account holders, as per CDR Rule 4.13(4). The CX standards build on this - the Notification Standards include specific provisions relating to joint account holders who may be experiencing vulnerability.

The CX Guidelines website provide optional examples of key requirements and recommendations to help organisations build best practice consent models. The website was designed to be used by as many people as possible, and on various devices. In July 2023 all pages on the website were internally audited for accessibility compliance. At this time, the website was partially conformant to WCAG 2.1 level AA. Some known issues and limitations relate to the embedded Figma prototypes and Chrome browsers with JAWS on Windows. Read more on

In June 2022 the Consent Flow was audited by PwC's Indigenous Consulting and the Centre for Inclusive Design. At the time, open source assets relating to Consent, Authenticate and Authorise were partially conformant to WCAG 2.1 level AA.

The various elements reviewed included:

Open Source design assets are provided in the form of Figma files for industry stakeholders. The open source design assets reflect the Consent Model, including some variations.

These design assets focus on visual presentation and readability, including:

These design assets do not tend to accessible code, for example:

The 2022 accessibility review conducted by PwC’s Indigenous Consulting resulted in a Proof of Concept (POC). The POC reflects the Consent Flow, showing the “happy path” for Consent, Authenticate and Authorise. The open-source code has been published for industry stakeholders on

The POC was tested with 10 consumer-participants, all with diverse demographic attributes and abilities. The findings from the research were used to inform Recommendation 7 (Review, prioritise and address issues of Transparency, Clarity and Understanding and Visibility in the Consent Flow) on Noting Paper 279 - Accessibility Improvement Plan.

To ensure that an accessible and inclusive CDR is facilitated throughout its expansion and evolution, the DSB will continue to: