The European Data Protection Supervisor ('EDPS') published, on 24 June 2021, its Opinion on the Proposal for a Regulation on Markets in Crypto-assets, and amending Directive (EU) 2019/1937 which was adopted on 24 September 2020 by the European Commission . You can read our previous publication regarding the proposal here.
The EDPS emphasized the importance of properly ensuring that the underlying technology of crypto-assets, such as blockchain and distributed ledgers, adheres to data protection regulations and standards. The EDPS also emphasized the EU legislature's responsibility to guarantee that the processing suggested in the proposal is executed in a data protection-compliant way, as well as controllers' responsibility to ensure compliance with the principle of accountability. The EDPS also considered that issuers would typically be controllers under the General Data Protection Regulation (EU) 2016/679 ('GDPR'), and invited the legislature to include the obligation for issuers to ensure data protection guarantees and examine whether they need to perform a data protection impact assessment (DPIA), in the proposal.
In addition, the EDPS reaffirmed the principle of storage limitation and suggested establishing a maximum rather than a minimum data retention duration.
For further information please contact:
George Z. Georgiou & Associates LLC 1 Iras Street, 1060 Nicosia, Cyprus
T +357 22763340 F +357 22763343
W www.gzg.com.cy E [email protected]
This update does not constitute legal advice.