Photo of Dan Cooper

Dan Cooper

Daniel Cooper is co-chair of Covington’s Data Privacy and Cyber Security Practice, and advises clients on information technology regulatory and policy issues, particularly data protection, consumer protection, AI, and data security matters. He has over 20 years of experience in the field, representing clients in regulatory proceedings before privacy authorities in Europe and counseling them on their global compliance and government affairs strategies. Dan regularly lectures on the topic, and was instrumental in drafting the privacy standards applied in professional sport.

According to Chambers UK, his "level of expertise is second to none, but it's also equally paired with a keen understanding of our business and direction." It was noted that "he is very good at calibrating and helping to gauge risk."

Dan is qualified to practice law in the United States, the United Kingdom, Ireland and Belgium. He has also been appointed to the advisory and expert boards of privacy NGOs and agencies, such as Privacy International and the European security agency, ENISA.

Blockchain technology has the potential to revolutionise many industries; it has been said that “blockchain will do to the financial system what the internet did to media”.  Its most famous use is its role as the architecture of the cryptocurrency Bitcoin, however it has many other potential uses in the financial sector, for instance in trading, clearing and settlement, as well as various middle- and back-office functions.  Its transformative capability also extends far beyond the financial sector, including in smart contracts and the storage of health records to name just a few.

A blockchain is a shared immutable digital ledger that records transactions / documents / information in a block which is then added to a chain of other blocks on a de-centralised network.  Blockchain technology operates through a peer network, where transactions must be verified by participants before they can be added to the chain.

Notwithstanding its tremendous capabilities, in order for the technology to unfold its full potential there needs to be careful consideration as to how the technology can comply with new European privacy legislation, namely the General Data Protection Regulation (the “GDPR”) which came into force on 25 May 2018.  This article explores some of the possible or “perceived” challenges blockchain technology faces when it comes to compliance with the GDPR.

Continue Reading The GDPR and Blockchain

The Payment Services Directive (PSD2), which took effect on January 13, 2018, puts an obligation on banks to give Third Party Providers (TPPs) access to a customer’s payment account data, provided the customer expressly consents to such disclosure. The new legislation is intended to improve competition and innovation in the EU market for payment services. The General Data Protection Regulation (GDPR), which is due to take effect from May 25, 2018, enhances individuals’ rights when it comes to protecting their personal data. The interaction between PSD2, aimed at increasing the seamless sharing of data, and the GDPR, aimed at regulating such sharing, raises complicated compliance concerns.

For example, where banks refrain from providing TPPs access to customer payment data for fear of breaching the privacy rights of their customers under the GDPR, competition authorities may consider this a breach of competition law. This concern is already becoming a reality for banks – on October 3, 2017, the European Commission carried out dawn raids on banking associations in Poland and the Netherlands following complaints from fintech rivals that the associations were not providing them with what they considered legitimate access to customer payment data.

Continue Reading Overlap Between the GDPR and PSD2