Influencing judicial investigations: Multi-site regulators request exemptions from new EU data regulations

Regulatory officials told Reuters that financial regulators in North America, the United Kingdom and Asia are urgently seeking exemptions for the latest data protection regulations in the EU, lest this rule is detrimental to cross-border case investigations.

These officials warned that if the EU fails to explicitly exclude market regulators from the EU's General Data Protection Regulations (GDPR), it may be detrimental to international investigations and judicial actions involving market manipulation and anti-fraud.

GDPR came into force on May 25. This rule has been in place for several years. In the past year, as the effective date approached, foreign regulators and key international entities were stepping up lobbying.

GDPR strengthens the privacy protection of personal data within the EU and gives consumers greater control over their personal information. Government officials and legal experts say that the new regulations also apply to the transmission of cross-border personal data out of the 'public interest'. The restrictions impose new conditions on their use, including the introduction of additional privacy measures.

Under the previous law, regulators can use the immunity to share key information such as bank and trading account data to investigate misconduct. At present, regulators can continue to share such data through new exemptions. However, they also stated that Doing this directly will enter the legal grey field because the expression of the new law leaves room for interpretation.

They are concerned that if there is a lack of clear explanations, similar investigations into cryptographic currency fraud and market manipulation in the United States may be at risk. Many of the participants in these cases are located outside the United States. Without exemptions, cross-border information sharing may be possible. To the problem, the EU may think that the privacy protection measures of some countries and regions have not reached the level required by the EU.

Sources said that in order to counter this risk, these regulators are urging the Brussels-based EU Data Protection Committee (EDPB) to officially come up with an “administrative arrangement” to clarify in writing whether exemptions can be obtained for acts of public interest, and How to operate the information sharing in the environment.