In its report, the EDPB and EDPS indicate that while they appreciate the regulation's data protection efforts, they have put forth recommendations to enhance personal data protection. They stress the importance of user privacy and call for a reduction in data processing and the prevention of data centralisation.

The regulation permits the establishment of a single access point for verifying user limits. The EDPB and EDPS request clarity on how user identifiers are processed and propose exploring decentralised storage alternatives.

The EDPB and EDPS believe the fraud detection and prevention mechanism needs better definition, urging the European Central Bank (ECB) and payment service providers to clarify their roles.

They also advocate for a “privacy threshold” for online transactions to limit tracking for anti-money laundering and counter-terrorism financing, suggesting the implementation of technical measures during the digital euro's design.

Lastly, they call for clearer description of data protection responsibilities, legal bases, and the types of personal data processed by the ECB and payment service providers.

The EDPB and EDPS will continue monitoring and guiding the regulation's development within their respective mandates.

The press release can be found here and the joint opinion can be accessed here.