Skip to main content

Kennedy School Review

Topic / Science, Technology and Data

Fintech Customers Deserve Greater Command Over Their Data and Value Commensurate with Relinquishing It


March 15th marks World Consumer Rights Day. For American consumers exploited by data-grabbing corporate giants, one wonders whether there is much to celebrate.

The evidence shows that most companies “prefer to keep consumers in the dark, choose control over sharing, and ask for forgiveness rather than permission.” Target is a classic example of this behavior. Back in 2012, the company used its customers’ personal data to determine whether they were pregnant. If Target’s algorithms concluded a high probability of pregnancy, the company sent the expecting parents a booklet of coupons relating to motherhood. This gesture creeped out many booklet recipients, even leading to anger at times.

Fintechs Want in on the Action

Of course, smaller players want in on the money, too. Consider those ravenous fintechs scooping more data than they need, always elbowing for market edge.

Their aggression seems to be paying off and bringing the big banks, fearful of competition, to the table. For example, last October, JPMorgan signed a deal with Plaid Technologies, granting Plaid access to the bank’s customer data through the bank’s application programming interface (API), which allows data to be taken from one point to another. It’s a win-win for the two firms: Plaid can download JPMorgan customers’ data without requiring their usernames or passwords, but JPMorgan can still exercise control over the commercial use of the data.

In the U.S., there is a movement away from no cooperation between banks and fintechs and toward specific APIs that are more open than before. This selective openness is perforating the barrier to competition among fintechs and giving the most aggressive, like Plaid, considerable first-mover advantage.

The U.S. Can Learn from the U.K. and Europe

From an innovation standpoint, there are some good things to be said about fragmenting banks’ monopoly over consumer data as fintech startups enter the fray. The problem in the U.S. is that this pluralism is not benefiting consumers as much as it could, mainly because the U.S. lags behind nations like the U.K., which recently launched its Open Banking initiative. Open Banking, which spurred broad participation by U.K. banks, is “the practice of sharing financial information electronically, securely, and only under conditions that customers approve of.

The greater exchange of customer data calls for even greater guardianship of such data. Here too, the U.S. falls behind the U.K. and Europe because it lacks anything resembling the EU’s General Data Protection Regulation (GDPR). On this, even some U.S. tech giants concur. Microsoft’s Satya Nadella told the World Economic Forum that the GDPR is “a fantastic start on really treating privacy as a human right,” and that he is “hopeful that in the United States we will have something that is along the same lines.”

Since enforcement began in May 2018, the GDPR has acquired a reputation as the gold standard for consumer empowerment on data privacy and consent. In America’s own backyard, countries like Brazil are learning fast.

The Case for Transparency

A pressing question still lingers amid all this data cross-pollination and protection: When we, as individuals, grant fintechs access to our data in return for access to a suite of “free” products and services, what hidden costs—monetary or otherwise—do we pay in the long run? Also, how often do the fintechs sell our data to financial institutions, and for how much and at what margin? Such information can elucidate whether our data is worth more than the services we receive in exchange for handing it over.

In other words, to help individuals assess whether the transaction is fair, we need, at the very least, greater transparency in how our data is being exploited. Such transparency goes far beyond the occasional prompt when consumers download an app; it requires regular accounting of the use of the data. Rather than view this practice as yet another regulatory burden, fintechs and banks should see it as a matter of trust.

Venmo, for example, recently updated its privacy policy and uses simple, unambiguous language to explain what information it collects, how it collects, protects, stores, and shares that information, and users’ rights with respect to their data. The policy would be even better if it were more concise.

The Benefits Don’t Offset Disenfranchisement

To be clear, enhanced data sharing between banks and fintechs generates benefits for consumers. Credit assessment and lending, for example, are made frictionless for consumers via automated extraction and analysis of customer banking history. Yet another benefit is the increased pressure on banks to develop products that compete against those offered by third-party personal-financial-management fintech apps, like Mint.

These advantages, however, do not excuse fintechs’ failure to fully inform consumers about how their data is gathered, refined, distributed, and utilized, or their failure to grant consumers the right to freely access their data and choose to have it wiped from data repositories. The research shows that “Americans do not feel in control of their online data” and that “three-quarters of Americans say that control matters a lot to them.”

Even more fundamental, the touted advantages do not excuse failure to give customers the value they deserve—that is, value comparable to what fintechs extract for themselves by using their customer data. As indicated by this graph, the benefits of personal data need to be rebalanced in the interest of consumers, given that these benefits often weigh heavily in favor of the businesses.

Consumers Deserve Better

The point in all of this is recognizing that better data protection should go hand in hand with greater consumer freedom to leverage data for the fullest benefit, while sparking broader innovation in the marketplace that strengthens financial companies, too.

While no country has taken a clear lead in setting a framework for direct consumer compensation for use of their data, models like Pandora’s show that this concept is far from far-fetched.

In fact, the absence of clear global leadership is why the U.S. should step up to be emulated, taking cue from John F. Kennedy, the first world leader to promote consumer rights.


Ivan Rahman is an MPA Candidate and a Gleitsman Leadership Fellow at Harvard University and an MBA Candidate at Stanford University.



Edited by Bright Simons

Photo by dracorubio on Flickr