EU: The interplay of PSD2 and GDPR - some select issues

It can be argued that the principle purposes of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') and the Payment Services Directive (Directive (EU) 2015/2366) ('PSD2') are in contrast with one another, as the PSD2 enacts data sharing requirements for financial service providers, whilst the GDPR gives individuals greater control over their data and restricts the freedoms to share it. Financial entities have therefore experienced concern with regard to overlapping provisions in the two pieces of legislation. Scott McInnes and Lupe Sampedro, of Bird & Bird LLP, provide insight into the key areas of overlap between the PSD2 and the GDPR, and share their views on how entities might navigate the same.