Crypto-assets' markets regulation: EDPS Opinion on the European Commission's Proposal

On 24 June 2021, the European Data Protection Supervisor (EDPS) issued an Opinion on the European Commission’s Proposal to regulate the crypto-assets’ markets.

The proposed Regulation includes a series of obligations and requirements concerning the trading of electronic money tokens, rules on the authorisation and supervision of those issuing and/or providing electronic money tokens, rules to protect individuals purchasing electronic money tokens. Overall, the Regulation seeks to prevent abuse in the crypto-assets’ markets.

The EDPS made a number of recommendations concerning this proposal, in particular on the responsibilities of those issuing crypto-assets.

As per the proposal, it is envisaged that issuers of crypto-assets may process the personal data of those purchasing crypto-assets by using various technologies and infrastructures, such as blockchain - a type of technology used in this case to record the purchasing and issuing of crypto-assets. Concerning the processing of individuals’ personal data, issuers of crypto-assets may be considered as data controllers, since they decide for which purposes individuals’ data may be processed and in what capacity, as well as the overall configuration of the crypto-asset project.

Given the type of personal data that may be processed and the infrastructure possibly used for this processing, the EDPS recommends that the issuers of crypto-assets - as possible data controllers - carry out a Data Protection Impact Assessment (DPIAs). A DPIA would allow issuers of crypto-assets to evaluate the risks of all possible processing operations, and measures to mitigate such risks, as per the obligation set out in the General Data Protection Regulation applicable to EU Member States.

In its concluding remarks, the EDPS suggests that issuers of crypto-assets explain in a transparent and simple way to individuals purchasing crypto-assets how their personal data may be processed. (edps.europa.eu/ photo: pixabay.com)

The Opinion is available here

Comments

Editorial

Editorial
George Kazoleas, Lawyer

Top Stories

Ombudsman inquiry on Commission President’s text messages is a wake-up call for EU

Gigantic fine for unfair practices imposed on Booking.com by the Competition Authority of Hungary

The rules of UEFA on ‘homegrown players’ could be contrary to EU law (ECJ)

Airbnb is not required to hold an estate agent’s professional licence as it did not notify the Commission of that requirement in accordance with the Directive on electronic commerce

ECtHR Judgement against Greece: Disclosure of the identities and medical data of prostitutes diagnosed with HIV was a breach of their right to private life

First judgment of the ECHR: Lawless v. Ireland

Obligation of a creditor to check a consumer’s creditworthiness - Credit agreement void and creditor’s entitlement to payment of the agreed interest forfeited