The Interaction Between Directive 2015/2366 (EU) on Payment Services (PSD2) and Regulation (EU) 2016/679 on General Data Protection (GDPR) Concerning Third Party Players

Posted: 21 Jan 2020

See all articles by Dilja Helgadottir

Dilja Helgadottir

Duke University School of Law; Reykjavik University

Date Written: December 12, 2019

Abstract

There has been some concern with the overlap between Directive 2015/2366 (EU) on Payment Services (PSD2) and Regulation (EU) 2016/679 on General Data Protection (GDPR) and how financial institutions can balance these two regulations. The perspective behind each regulation is very different. PSD2 establishes access to personal data and permits its sharing, while GDPR operates to regulate and safeguard it. This raises complex compliance considerations on how to apply those regulations together, especially concerning TPPs, and how they can balance innovation and data protection. This article hopes to explore the questions raised above on how to balance GDPR and PSD2 in the context of TPPs. The study is based on the doctrinal method.

Keywords: Payment Services, General Data Protection, Consent

Suggested Citation

Helgadottir, Dilja, The Interaction Between Directive 2015/2366 (EU) on Payment Services (PSD2) and Regulation (EU) 2016/679 on General Data Protection (GDPR) Concerning Third Party Players (December 12, 2019). Available at SSRN: https://ssrn.com/abstract=3455428 or http://dx.doi.org/10.2139/ssrn.3455428

Dilja Helgadottir (Contact Author)

Duke University School of Law ( email )

Durham, NC
United States

Reykjavik University ( email )

Ofanleiti 2
Reykjavik, 103
Iceland

Do you have negative results from your research you’d like to share?

Paper statistics

Abstract Views
1,322
PlumX Metrics