The European Data Protection Supervisor (EDPS) has published an opinion concerning the proposal for a Regulation on a Financial Data Access Framework and, separately, an opinion about the proposal for a Regulation and Directive on payment services in the EU’s internal market.
The EDPS welcomes efforts within each proposal to ensure consistency with the General Data Protection Regulation (GDPR), but highlights how the proposals should make clear "that the granting of ‘permissions’ to access financial data does not equate to giving consent under the GDPR." Similarly, the EDPS points out that an appropriate legal basis under the GDPR is required for any processing of personal data following a request to access an individual’s financial data.
Wojciech Wiewiórowski, EDPS, said: “Increased sharing of financial data should open new opportunities for individuals, not close doors. Without clear boundaries, one could see higher prices for important financial services or the exclusion of customers with an unfavourable risk profile. Financial authorities and data protection authorities will need to cooperate closely to ensure that individuals and their fundamental rights are protected”.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 4,350 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.