{"id":32,"date":"2019-05-21T20:07:53","date_gmt":"2019-05-21T19:07:53","guid":{"rendered":"https:\/\/psd2meniet.nl\/?p=32"},"modified":"2019-08-02T23:33:56","modified_gmt":"2019-08-02T22:33:56","slug":"interview-emerce","status":"publish","type":"post","link":"https:\/\/psd2meniet.nl\/en\/interview-emerce\/","title":{"rendered":"PSD2 makes privacy a paper reality"},"content":{"rendered":"

Some\nDutch banks and fintechs are working together with the Privacy First Foundation on a\nPSD2 quality mark. By doing so, the companies want to make clear to consumers who\nthey can trust their data. The Volksbank ranks as one of the\nfirst behind the initiative. What is the need of those involved?<\/strong><\/p>\n\n\n\n

Yoshi Tuk<\/em><\/a> interviewed in May 2019 Privacy first spokesperson Martijn van der Veen for <\/em>Emerce<\/em><\/a>. Here's the interview: <\/em><\/p>\n\n\n\n

In addition to innovation, the European Payment Directive PSD2 also raises privacy concerns. The directive that came into force in January - the Netherlands will probably follow this summer with its own legislation - ensures that consumers can give companies access to their bank account and (financial) data. The question, however, is whether they are aware that they are sharing privacy-sensitive data. Moreover, once shared, banks will no longer be able to 'retrieve' that data. <\/p>\n\n\n\n

Except for one\nSo there is also a real risk to PSD2, says Privacy First.\nTogether with a number of Dutch banks and fintech companies, the\ninterest group to a quality mark. In doing so, the parties respond to\nruling of the Dutch Central Bank. The latter would have previously established that here\nneed for is. While the AVG, the new European privacy law, must ensure\nfor better protection, PSD2 opens the back door, explains Martijn van der Veen\nfrom Privacy First<\/a>\nout.<\/p>\n\n\n\n

How to see\nyou the PSD2 from a privacy point of view?<\/strong><\/h4>\n\n\n\n

Van der\nVeen: \"The subject of privacy has remained underexposed within PSD2 for far too long.\nFor a long time, PSD2 was mainly a party for fintechs and aimed at innovating\nthe payment system. <\/p>\n\n\n\n

\"With PSD2\nparties can, among other things, have access to your transaction details,\nfor example, to gain insight across multiple bank accounts.\nA bank may not provide these transaction data just like that, for this a\ngive the consumer 'explicit consent'. That's not a tick\nput. The person must give 'free, specific and informed' consent.\nOn paper, it's fine then. But the impact of PSD2 on privacy can\nmuch greater than whether someone's permission has been registered.<\/p>\n\n\n\n

\"Our\ngreatest concern is what happens to the data as soon as it reaches a\nservice provider lie. What do they do with it? Don't think services are limited\nstay until showing transaction details, companies want to do something with\nthat large amount of data coming into their possession. Think about doing\noffers, new services and comparisons. For this they want data\nlinking, relating and searching for patterns. And of course there is also a\nearning model to fixed.<\/p>\n\n\n\n

\"A\nwrong framing is that it's 'but' transaction data. You can\ninfer a lot about a person's life. If you spend three years at a bank\ncan look back, then the provider also immediately receives three years to\ntransactional data. From account numbers you can see whether someone often has medical\nuses support, where a person often goes and what a person's life pattern\nis. From recurring wire transfers you can deduce if someone is a member of a\nreligious organization or trade union. These are data which, with good reason, are not\nmay be used. <\/p>\n\n\n\n

\"The crazy\nis, where everyone because of the AVG is doing their best to protect their privacy on\nto get order, PSD2 will open the back door wide.\"<\/p>\n\n\n\n

But why\nis a hallmark necessary?<\/strong><\/h4>\n\n\n\n

\"Privacy\nThe aim of the PSD2 label is to help consumers in their choice of supplier. The\nprovides information as to whether the provider will handle the personal data properly\ngo and be trusted. In doing so, we want the open standards of the law\ncolor in. Now a provider determines what a decent storage period of\ndata is. And how quickly he responds to complaints. It's debatable whether it's\nthe interests of the consumer come first. The label informs consumers\nand encourages providers to raise the level of privacy protection. For\nthis is valuable for both parties because it gives confidence in a service provider\nraises.\"<\/p>\n\n\n\n

On which\nconcrete areas should the quality mark be tested and supervised?<\/strong><\/h4>\n\n\n\n

\"Parties\nmust already have a lot in order because of their PSD2 license and privacy laws.\nThe quality mark will mainly concern the question of whether a provider deals accurately with\nthe personal data. Without PSD2, banks were the primary party to business\nparticipate. They had a reputation, customer service and a duty of care. That\nmust now all arise anew, and the label can help with that. Think\ne.g. how a person is informed or what happens\nwith the data. And how well the parties take their responsibilities when the\nis about data minimization and protection. <\/p>\n\n\n\n

\"Compare\nfrom the provider's point of view, driving on the road. That someone's got a driver's license\nhe doesn't make a good b<\/p>\n\n\n\n

Sailor.\nWe want to fill in how you can be a good driver. The quality mark\nwill have to be reviewed by independent parties. We are now thinking of a\nindependent foundation that evaluates holders of the quality mark. But that is\nstill work in progress<\/em>.\u201d<\/p>\n\n\n\n

PSD2 says\na lot of people nothing at all. Moreover, there is already a forest of (online)\nlabels. To what extent do you think consumers have an eye for this?<\/strong><\/h4>\n\n\n\n

\"I'm glad\nthat you're asking this question. Isn't that where the problem is? PSD2 leans very\nstrong on getting explicit permission. The quality mark offers\ninformation about the provider. But if a consumer is not\nsimple indication of whether the party is handling the data properly why are we going there?\nor assuming that the same consumer is well informed about a service?\nWhen it comes to privacy, privacy threatens to become a paper reality,\nThat's what we want to avoid with a hallmark.<\/p>\n\n\n\n

\"We know\nnot yet exactly what the hallmark will look like. The main thing is that it is simple\nand must be clear.\"<\/p>\n\n\n\n

What things\nas far as you're concerned, should have been better regulated in the legislation?<\/strong><\/h4>\n\n\n\n

\"Precisely because\nthe PSD2 very much relies on the AVG, we would have liked consumers to see a lot of\ncould more directly influence the history of the transaction data and\nthe blocking of certain data from which special personal data can be derived, - the blocking of certain data from which special personal data can be derived.\nlead. As soon as someone withdrew his consent, all the parties who had over\ndata, it must be erased automatically. This is not yet the case.\nBut the tricky thing about privacy legislation is that certain terms are closer to being deleted.\nmust be completed. The law can't regulate everything.<\/p>\n\n\n\n

\"For the\nprotection of privacy would have been easier if banks had been able to use their\nduty of care could play a role. However, this quickly leads to\ndistortion of competition. And the idea of PSD2 is precisely to attract new entrants.\ngive it a chance. Who knows, maybe there will be another fintech with a PSD2 dashboard.\nwhat that step is gonna involve.\"<\/p>\n\n\n\n

Among others\nthe Volksbank is cooperating. From which organisations do you expect even more\ninvolvement?<\/strong><\/h4>\n\n\n\n

\"We're going\nassuming that all banks, fintechs and interest groups involved\nwill join the PSD2. A number of them have already joined the initiative\nand are closely involved in further development. <\/p>\n\n\n\n

\"Where we\nThe aim is that the lack of a hallmark works like a dissatisfier.\nThis will therefore be detrimental to the image of such a company. We want the\nMore consumer organisations and interest groups will be joining in the coming period.\nThey can help to implement the standards from their constituencies. The time of\ninnovating and making money without having an eye for privacy is now real\nover.\"<\/p>\n\n\n\n

Which\nconcrete steps are being taken now?<\/strong><\/h4>\n\n\n\n

\"We want\ncome up with a self-assessment around the summer that banks and fintechs can use to help themselves.\nbe able to judge. We are now working hard on the underlying framework of standards so that\nit becomes clear what companies have to comply with in order to earn the label.\nIn addition to a self-assessment, we want to quickly set up an organisation for the\nprocessing the applications and placing the quality mark on the market. There is\na lot to do, but the pace is right now.\"<\/p>","protected":false},"excerpt":{"rendered":"

A number of Dutch banks and fintechs are working together with the Privacy First Foundation on a PSD2 quality mark. By doing so, the companies want to ... <\/p>\n

Read More<\/a><\/div>","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"featured_image_urls_v2":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","trp-custom-language-flag":"","post-thumbnail":"","entry":"","entry-cropped":"","entry-fullwidth":"","entry-cropped-fullwidth":""},"post_excerpt_stackable_v2":"

Enkele Nederlandse banken en fintechs werken samen met Stichting Privacy First aan een PSD2-keurmerk. Daarmee willen de bedrijven aan consumenten duidelijk maken wie ze hun data kunnen toevertrouwen. De Volksbank schaart zich als een van de eersten achter het initiatief. Op welke behoefte spelen de betrokkenen in? Yoshi Tuk interviewde in mei 2019 Privacy first woordvoerder Martijn van der Veen voor Emerce. Hieronder het interview: De Europese betaalrichtlijn PSD2 levert behalve innovatie ook privacyzorgen op. De in januari in werking getreden richtlijn \u2013 Nederland volgt waarschijnlijk deze zomer met eigen wetgeving \u2013 zorgt ervoor dat consumenten bedrijven toegang kunnen geven…<\/p>\n","category_list_v2":"nieuws<\/a>","author_info_v2":{"name":"Martijn van der Veen","url":"https:\/\/psd2meniet.nl\/en\/author\/martijn\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts\/32"}],"collection":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/comments?post=32"}],"version-history":[{"count":2,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts\/32\/revisions"}],"predecessor-version":[{"id":160,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts\/32\/revisions\/160"}],"wp:attachment":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/media?parent=32"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/categories?post=32"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/tags?post=32"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}