ComplianceTech ®. Pour lire cette fiche en français, cliquez sur le drapeau français
Full reference: Frison-Roche, M.-A., "Interregulation" between Payments System and Personal Data Protection: how to organize this "interplay"?, Newsletter MAFR - Law, Compliance, Regulation, 27th of August 2020
Read by freely subscribing the other news of the Newsletter MAFR - Law, Compliance, Regulation
Summary of the news
Regulation Law, in order to recognize and draw the consequences from the specificities of some objects, has been build, at the start, around the notion of "technical sector" although their delimitation is partially related to a political choice. But, in facts, there are multiple points of contacts between sectors, actors moving from one to another as objects. The regulatory solution is so to climb over some technical borders through the methodology of interregulation which is by the way the only one to enable the regulation of some phenomena going beyond the notion of sector and related to Compliance Law.
This news takes the exemple of companies furnishing new payment services. In order to they can provide these services, these firms needs to access to banking accounts of concerned people and so to very sensitive personal data. Regulation of such a configuration needs a cooperation between the banking regulator and the personal data regulator. Legislation being not sufficient to organize in Ex Ante this interregulation, the European Data Protection Board has published some guidelines on 17th of July 2020 about the way it conceives the articulation between the PSD2 (European directive about payment services) and GDPR and has announced that it intended to expand the circle of its interlocutors to do this interregulation. Such an initiative from EDPB can be justified by the uncertainty about how interpreting both texts and articulating them.