European Union: Issued EDPS opinion on regulation for a framework for financial data access

On 22 August 2023, the European Data Protection Supervisor (EDPS) issued an opinion on the proposal of the European Commission for a framework for financial data access and regulation amendments. The proposal aims to foster data-driven financial services by allowing individuals and businesses to control access to their financial data. The EDPS welcomes the idea of empowering customers to control their data usage but raises concerns about the broad definition of customer data, which might include sensitive information. The EDPS, therefore, suggests clearly defining the types of personal data to be shared and excluding data generated from profiling. The proposal suggests obligations for data holders and users that could enhance data protection, and the EDPS recommends specifying data access requests and preventing denial of services for not using data sharing tools.