In a collaborative move to regulate the future of digital currencies within the European Union, the European Data Protection Board and the European Data Protection Supervisor have issued a joint statement. Published on Oct. 18, the statement outlines recommendations to bolster personal data protection standards in the European Union’s proposed central bank digital currency (CBDC), commonly referred to as the digital euro.
One crucial issue discussed is the proposed verification procedure that limits the amount of digital euro held in individual accounts. Under the current draft, the European Central Bank (ECB) and the national central banks would have a single access point to each user’s data. The regulators, however, call for a reevaluation of this approach. They argue that establishing a solitary data access point might be excessive. Besides, they suggest that employing decentralized storage methods for these identifiers is a feasible alternative, an approach that would enhance the privacy of digital euro users.
Unveiling the shortcomings in fraud detection
Additionally, the authorities find the proposed fraud detection and prevention mechanisms of the CBDC somewhat lacking in foreseeability. They advocate for a more nuanced approach, recommending “less intrusive measures” from a data protection viewpoint. Moreover, the regulators strongly recommend the establishment of a “privacy threshold” for online transactions. This threshold would mean that offline and online low-value transactions are not subject to tracking for Anti-Money Laundering and combating the financing of terrorism purposes. While they did not specify an exact limit, the authorities referred to covering “low-value daily transactions.”
The recent statement comes in the wake of the ECB’s announcement of entering the “preparation phase” for the digital euro project, following a two-year investigation. This phase is slated to last another two years and aims to finalize rules for the digital currency while also selecting possible issuers. Hence, the recommendations from the European regulatory bodies are timely as they add a layer of scrutiny, urging the designers to consider the implications of data protection more seriously.
These regulatory inputs play a significant role in shaping the digital euro as it progresses from an idea to an operational currency. With these recommendations, the European authorities are not just laying the foundation for a more secure and private digital euro but also setting a precedent for how future digital currencies might interact with personal data protection frameworks. Consequently, the joint statement serves as an essential milestone in the ongoing conversation around the digital euro and data protection at large.
Significantly, these recommendations could be instrumental in influencing the operational integrity of the digital euro, ensuring it not only complies with financial standards but also upholds the values of privacy cherished by European citizens.