PSD2 vs GDPR: will we keep our privacy or not? Two major EU regulations on collision course

privacy 2017/02/04

In an article that recently appeared on LinkedIn Pulse, one Krzysztof Trojan wrote about the conflics between two major European legislations that have quite some impact on the finance world.

The Revised Payment Services Directive (PSD2) will require financial institutions (especially banks) to open access to the personal information related to the accounts to third parties the institution has no contractual agreement with. The GDPR however forbids sharing the information with third parties; basically it is the individual to give consent and to provide the data to the data processor - not other processors.

It is weird to read how two legislations from the EU can address the topic of privacy and consent from such opposing angles. I suppose it’ll take some years of lawsuits and appeals up to the Court of Justice of the European Union (CJEU) to settle this. Do we have to be prepared for some suprises like the Schrems case, where the CJEU invalidated the entire US-EU Safe Harbour arrangement?

You can find the article titled PSD2 and GDPR regulations on collision course? on LinkedIn. Thought provoking, as the comments below the artice show.