The letter emphasizes and jointly reiterates common concerns from the payments industry. This follows ETPPA’s individual response to the EDPB’s consultation, where the association already explained the main issues and requested the redrafting of these guidelines. The latest letter, co-signed by ESBG, EBF, EACP, ETPPA, EPIF, EAPB, PE, EFA, and EMA, demonstrates that it is not just TPPs, but the whole payments industry, which would be negatively impacted, according to ETTPA.org.
The aforementioned parties wish to ensure that coherence won't be limited to PSD2 and GDPR but also between these two and Regulatory Technical Standards on Strong Customer Authentication and Common and Secure Communication, so that there will be more legal certainty for all entities involved.
The letter states that the revised guidelines should draw a line between the data protection responsibilities of various types of PSPs – ASPSPs, EMIs, PIs, PISPs, or AISPs – in accordance with the roles defined by PSD2. By doing this, the guidelines should become easier to understand and apply.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now