EU privacy regulators adopt opinion on the proposed Regulation on the digital euro

Catherine Di Lorenzo, Nigel Parker, Nicole Wolters Ruckert
Allen & Overy LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Allen & Overy LLP

On 17 October 2023, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) adopted a joint opinion on the proposed Regulation on the digital euro (the Proposal) as a central bank digital currency (the Joint Opinion).

The EDPB and the EDPS welcome the Proposal and acknowledge the efforts to provide a high standard of privacy and data protection for the digital euro, e.g. by introducing an "offline modality", to minimise the processing of personal data by payment service providers, as well as to embed data protection by design and by default. Nevertheless, the EDPB and EDPS identify several improvements to ensure individuals’ data protection and privacy rights. They recommend:

  • clarifying how the digital euro will be distributed in a ‘decentralised manner’ by financial intermediaries;
  • clarifying the necessity and proportionality of the single access point of digital euro unique identifiers;
  • clarifying requirements for personal data processing by payment service providers (PSPs) in various situations, e.g. for enforcing holding limits or in relation to possible fees for services;
  • including an obligation on the European Central Bank (ECB) and the national central banks to ensure pseudonymisation of all transaction data in the ECB settlement infrastructure;
  • demonstrating the necessity of possible establishment by the ECB of a general fraud detection and prevention mechanism (FDPM) which may be accessed by PSPs to detect fraud, and providing clear and precise rules governing the scope and application of the envisaged FDPM;
  • including an explicit reference to the applicable cybersecurity legal framework, to address risks from an IT and cybersecurity perspective;
  • fine-tuning the provisions relating to tracing online and offline transactions for the purposes of anti-money laundering (AML) and for combatting the financing of terrorism (CFT), to better balance the privacy and data protection risks and AML/CFT threats; and
  • clarifying the legal bases for data processing, the allocation of data protection responsibilities and the types of personal data processed by various stakeholders involved in the issuance and use of the digital euro.

The press release is available here and the Joint Opinion here.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Allen & Overy LLP | Attorney Advertising

Written by:

Allen & Overy LLP
Allen & Overy LLP
Contact
more
less

Allen & Overy LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide