1.0EBFhttps://www.ebf.eurich600338<blockquote class="wp-embedded-content" data-secret="wFGfhNFAJG"><a href="https://www.ebf.eu/innovation-cybersecurity/joint-payments-industry-letter-on-final-edpb-guidelines-psd2-gdpr-interplay/">Joint Payments Industry Letter on Final EDPB Guidelines PSD2 GDPR Interplay</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://www.ebf.eu/innovation-cybersecurity/joint-payments-industry-letter-on-final-edpb-guidelines-psd2-gdpr-interplay/embed/#?secret=wFGfhNFAJG" width="600" height="338" title="“Joint Payments Industry Letter on Final EDPB Guidelines PSD2 GDPR Interplay” — EBF" data-secret="wFGfhNFAJG" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /*! This file is auto-generated */ !function(c,d){"use strict";var e=!1,o=!1;if(d.querySelector)if(c.addEventListener)e=!0;if(c.wp=c.wp||{},c.wp.receiveEmbedMessage);else if(c.wp.receiveEmbedMessage=function(e){var t=e.data;if(!t);else if(!(t.secret||t.message||t.value));else if(/[^a-zA-Z0-9]/.test(t.secret));else{for(var r,s,a,i=d.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),n=d.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),o=new RegExp("^https?:$","i"),l=0;l<n.length;l++)n[l].style.display="none";for(l=0;l<i.length;l++)if(r=i[l],e.source!==r.contentWindow);else{if(r.removeAttribute("style"),"height"===t.message){if(1e3<(s=parseInt(t.value,10)))s=1e3;else if(~~s<200)s=200;r.height=s}if("link"===t.message)if(s=d.createElement("a"),a=d.createElement("a"),s.href=r.getAttribute("src"),a.href=t.value,!o.test(a.protocol));else if(a.host===s.host)if(d.activeElement===r)c.top.location.href=t.value}}},e)c.addEventListener("message",c.wp.receiveEmbedMessage,!1),d.addEventListener("DOMContentLoaded",t,!1),c.addEventListener("load",t,!1);function t(){if(o);else{o=!0;for(var e,t,r,s=-1!==navigator.appVersion.indexOf("MSIE 10"),a=!!navigator.userAgent.match(/Trident.*rv:11\./),i=d.querySelectorAll("iframe.wp-embedded-content"),n=0;n<i.length;n++){if(!(r=(t=i[n]).getAttribute("data-secret")))r=Math.random().toString(36).substr(2,10),t.src+="#?secret="+r,t.setAttribute("data-secret",r);if(s||a)(e=t.cloneNode(!0)).removeAttribute("security"),t.parentNode.replaceChild(e,t);t.contentWindow.postMessage({message:"ready",secret:r},"*")}}}}(window,document); </script> https://www.ebf.eu/wp-content/uploads/2021/03/Online-platforms-banner-scaled.jpeg25601514The EBF, together with a number of EU payment sector associations, has written to the European Data Protection Board, the European Commission, and the European Banking Authority regarding the EDPB Guidelines on the Interaction between PSD2 and GDPR. The letter highlights that while the payments sector remains fully committed to ensuring the protection of EU citizen’s data- including within the framework of PSD2 – there are concerns that the enforcement of the Guidelines will lead to an outcome that is not in line with PSD2 objectives, therefore hindering innovation and competition in payments. While the final Guidelines help in clarifying certain aspects of the interplay,- elements such as the provisions on data minimization raise concern and new uncertainties;- there is still lack of coherence with the Regulatory Technical Standards on Strong Customer Authentication and Common and Secure Communication (RTS on SCA & CSC);- there are resulting concerns that national Data Protection Authorities could start taking a differentiated approach to the interpretation of the provisions, resulting in fragmentation across the EU and adding to a worrying trend when it comes to GDPR implementation.