IT and data

Legislation on financial services contracts concluded "at a distance" is on its way in Spain

Published on 28th Dec 2023

Member States have until late 2025 to enact in domestic law provisions that address digitalisation and protect consumers

Four people in a circle, close up view of them holding and typing on their smartphones

The European Commission's Directive (EU) 2023/2673 amends consumer laws to include specific provisions on pre-contractual information and the right of withdrawal regarding the conclusion of financial services contracts and grants new protections such as the "withdrawal button" and measures against "dark patterns".

The directive gives Member States until 19 December 2025 to implement its provisions into the national laws. However, the new obligations provided for by the directive will not be applicable until 19 June 2026.

Safety net

Consumer rights directives have traditionally left the contracting of financial services outside their scope of application since contracts of this kind are usually regulated by specific laws. With the rise of ecommerce and emergence of new financial services that could not be covered by the rules at the time, the European Commission adopted Directive 2002/65/EC establishing a "safety net" feature that ensured the protection of consumers of financial services even if the relevant financial service is not regulated by specific laws.

Directive 2002/65/EC was implemented into Spanish law by means of Law 22/2007, which applies the safety net feature in a complementary manner to certain aspects of financial services. It establishes general requirements that are applicable to any financial services contract and envisages that specific regulations may provide for additional requirements; for example, this is the case for pre-contractual information. A payment service user who is a consumer may be entitled to precontractual information under Law 22/2007 and to the prior general information on the framework contract required under the Payment Service Directive 2.

Directive (EU) 2023/2673 provides a greater degree of legal certainty as to how the safety net feature should be applied where specific rules apply to the contracting of the relevant financial service.

In general, the provisions of the directive will apply provided that there are no specific laws governing the financial service, or, if specific laws apply, they do not contain rules on the aspects covered by the directive; for example, precontractual information or the right of withdrawal.

Withdrawal button

One of the outstanding provisions is that traders will need to make available to consumers with whom they contract electronically a function to withdraw from the contract as easily as they have executed it – that is, a "withdrawal button". This obligation applies to the contracting of any product or service that falls under the scope of Directive 2011/83/EU and not only to financial services. Any market operator offering products or services to consumers through an online interface will  need to implement the withdrawal button.

Dark patterns

Another outstanding provision concerns "dark patterns" and the design or operation of online interfaces that distort or impair consumers' ability to make free and informed decisions. These are commercial practices that have recently received attention from legislators and supervisory authorities. Without prejudice to the general interface design obligations imposed on online platform providers by the Digital Services Act, this attention is now materialised in the directive.

In particular, Member States will need to address at least one of the practices considered as dark patterns by the directive; or example, making the procedure to terminate a service more difficult than it is to subscribe. As in the case of the withdrawal button, these rules will apply to the contracting of any product or service, not just financial ones.

Osborne Clarke comment

The Spanish legislator will have to address dark patterns for the first time. In the absence of a specific regulation, dark patterns have traditionally been assessed from an unfair competition law perspective and, where appropriate, from a data protection law standpoint.

What path the Spanish legislator takes on this remains to be seen, bearing in mind that the directive allows for more stringent provisions than those envisaged therein – as long as they are in conformity with Union law.

Follow
Interested in hearing more from Osborne Clarke?
Register now for more insights, news and events from across Osborne Clarke
Sign up
Related articles
Dutch Data Protection Authority issues new guidance and steps up cookie-banner supervision
15/02/2024 4 mins
Data protection law challenges in Europe when using AI services
06/02/2024 3 mins
DORA – New EU cybersecurity law for Crypto
31/01/2024 5 mins
UK Binding Corporate Rules: are updates a reason to reconsider the 'gold standard' transfer tool?
24/01/2024 5 mins

sectors

services

* This article is current as of the date of its publication and does not necessarily reflect the present state of the law or relevant regulation.

Connect with one of our experts

Interested in hearing more from Osborne Clarke?
Register now for more insights, news and events from across Osborne Clarke
Sign up