Crypto-assets' markets regulation: EDPS Opinion on the European Commission's Proposal

On 24 June 2021, the European Data Protection Supervisor (EDPS) issued an Opinion on the European Commission’s Proposal to regulate the crypto-assets’ markets.

The proposed Regulation includes a series of obligations and requirements concerning the trading of electronic money tokens, rules on the authorisation and supervision of those issuing and/or providing electronic money tokens, rules to protect individuals purchasing electronic money tokens. Overall, the Regulation seeks to prevent abuse in the crypto-assets’ markets.

The EDPS made a number of recommendations concerning this proposal, in particular on the responsibilities of those issuing crypto-assets.

As per the proposal, it is envisaged that issuers of crypto-assets may process the personal data of those purchasing crypto-assets by using various technologies and infrastructures, such as blockchain - a type of technology used in this case to record the purchasing and issuing of crypto-assets. Concerning the processing of individuals’ personal data, issuers of crypto-assets may be considered as data controllers, since they decide for which purposes individuals’ data may be processed and in what capacity, as well as the overall configuration of the crypto-asset project.

Given the type of personal data that may be processed and the infrastructure possibly used for this processing, the EDPS recommends that the issuers of crypto-assets - as possible data controllers - carry out a Data Protection Impact Assessment (DPIAs). A DPIA would allow issuers of crypto-assets to evaluate the risks of all possible processing operations, and measures to mitigate such risks, as per the obligation set out in the General Data Protection Regulation applicable to EU Member States.

In its concluding remarks, the EDPS suggests that issuers of crypto-assets explain in a transparent and simple way to individuals purchasing crypto-assets how their personal data may be processed. (edps.europa.eu/ photo: pixabay.com)

The Opinion is available here

Comments

Popular posts from this blog

Ombudsman inquiry on Commission President’s text messages is a wake-up call for EU

An overview of the regulatory framework on Gambling Services in the European Union

Access to documents: the Commission decision refusing a journalist of The New York Times access to the text messages exchanged between President von der Leyen and the CEO of Pfizer is annulled (CJEU)

New President of the European Court of Human Rights

Imposition of a fine on a bank in Greece for an incident of personal data breach