When you pay digitally today, your transaction most likely goes through Visa, Mastercard, or PayPal. All US companies. All subject to the CLOUD Act, which lets American authorities compel them to hand over user data with little recourse for you or for European regulators.

Europe's digital payment infrastructure is, in other words, largely in US hands. And the geopolitical implications of that dependence are no longer theoretical. In early 2025, the Chief Prosecutor of the International Criminal Court lost access to his email account following US sanctions. What happened with email can happen with payments.

That’s why since 2023, the European Union has been working on a Digital Euro. A digital currency issued by the European Central Bank and intended to serve as a public, European alternative to existing digital payment services. The core promise has always been: the Digital Euro should be cash-like: as private, as accessible, and as independent as notes and coins in your wallet.

Promises vs. architecture

The core problem with the current draft is this: its privacy guarantees rely too heavily on institutional assurances rather than technical enforcement. That's not enough. We know from decades of digital rights work that promises made in legislation can be weakened in implementation, reinterpreted in court, or simply broken.

The technical tools to do this properly already exist. Zero-knowledge proofs, threshold cryptography, authenticated encryption: all deployed in security-critical systems today. The Austrian National Bank has shown in a working paper that privacy and traceability aren't in conflict. Routine payments can be protected without making legitimate law enforcement requirements impossible. This isn't a technical question anymore. It's a political one.

A critical vote is coming up

On 23 June, the Economic and Monetary Affairs Committee (ECON) of the European Parliament votes on its position on the Digital Euro. This is not a formality. What the committee decides sets Parliament's negotiating position for the trilogue with the Council and Commission, and with it the framework for everything that follows.

There are encouraging signs. Amendments on the table call for a privacy threshold for smaller payments, Privacy by Design and Default as a foundational principle, and a ban on biometric identification by payment service providers. These are the right impulses. Whether they prevail will be decided in the coming weeks.

What we're calling for

Together with partner organisations, we've addressed an open letter to Members of the European Parliament. We're not calling for the project to be stopped. We want it to work, on the terms it promised.

That means: a clearly defined threshold below which everyday payments enjoy genuine privacy protection, comparable to cash, technically enforced. It means public documentation of the core technical mechanisms and, where possible, open source code. It means early, substantive involvement of the European Data Protection Supervisor, and genuine engagement with civil society, not just communication campaigns.

And it means an accompanying legal right to use cash. The Digital Euro should expand freedom of choice. Not quietly phase out another.

What's at stake

In the ECB's own public consultation, 43 percent of respondents named privacy as the most important feature of the Digital Euro. A project that ignores that risks failing, not through regulation, but through lack of public trust.

Billions in public investment. Years of political momentum. A rare alignment of technical feasibility and political will. This is an opportunity Europe won't get again soon: a digital payment infrastructure that doesn't merely respect fundamental rights, but actively protects them.

The ECB is aiming for a 2029 launch. Legislative clarity is needed before the summer recess. There is time, if Parliament uses it.

Our full open letter