EBF’s comments to the Working Party 29:
Guidelines on the right to data portability
EBF advisor: Noémie Papp
Publication date: 15 February 2017
Article 20 of the General Data Protection Regulation introduces a new right to data portability which aims at empowering the data subject by giving him/her more control over his/her personal data and encouraging free movement of data within the European Union. Data portability is central in order to provide customers with more choice, avoid data monopolies (competition issue) and allow personal data to be available to other operators (with consumer consent). Within regulated industries, customers already experience and benefit from the possibility to switch from one service provider to another.
The European Banking Federation (EBF) welcomes the possibility given to provide comments on the Guidelines prepared by the Article 29 Data Protection working party (Article 29 WP) on the right to data portability.
In our views, further considerations should be given to the need to:
Clarify the liabilities in the application of the data subject’s right to receive personal data and the right to transmit personal data from one data controller to another data controller;
Ensure that the scope of the right of data portability is only limited to data actively provided by the data subject to the controller (raw data);
Ensure that sufficient security is maintained and risks prevented in the context of the transmission of personal data to the data subject;
Ensure the framework of the right of data portability of the General Data Protection Regulation(GDPR) is aligned with recent legislative initiatives at EU level which already regulate the right to data portability (for example the Payment Accounts Directive (PAD), the new Payment Services Directive (PSD2)etc.);
Ensure that public consultations of stakeholders will take place prior to the adoption of the guidelines with a reasonable period of response.
“Modern Governance in Banking” is a new modular programme of three three-day modules at the INSEAD business school in Fontainebleau, France. The content is driven by the needs for bank directors and senior executives working in banks to review and update their corporate governance practices due to the many pressures they face, and will focus on the effectiveness of directors and boards. Successful completion by participants offers certification by INSEAD. Read more
Velkommen Norway & Wilkommen Switzerland! 2 new countries join the Joint Cybercrime Action Taskforce (J-CAT) under new Chairmanship. Hosted within @EC3Europol, the J-CAT is dedicated to fighting international #cybercrime threats within the EU & beyond 💪https://t.co/4VubRBCdhN
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.