sakkmesterke - Fotolia

Fintechs must curb privacy invasion, says Privacy International

Privacy International is calling for legislation and regulation to ensure financial technology firms respect consumers’ rights to privacy, equality and non-discrimination

There has been a “massive increase” in the quantity and scope of consumer information gathered by financial institutions, according to a report by Privacy International.

The global privacy watchdog conducted fieldwork in India and Kenya to understand how developments in the financial technology (fintech) sector affect the privacy of consumers.

The report reveals how the growing fintech sector analyses consumers’ social media use and smartphone habits to decide if individuals are eligible for a financial loan.

Publication of the report’s findings coincides with news of a compensation claim of £2.7bn on behalf of 5.4 million iPhone users for allegedly harvesting and selling web browsing data without permission.

According to Privacy International, the increase in consumer information harvested by fintech firms has been largely unchecked, particularly in developing countries, while serving the interests of companies and industries, which are mostly located in developed countries.

New sources of data, including text messages and call logs, are increasingly being used to decide a consumer’s suitability for various financial products, including loans, the report reveals.

If current trends continue, Privacy International believes it will become increasingly difficult, and eventually impossible, for people to use financial services without having to allow access to the most intimate information about themselves.

The report is based on research that analyses the India Stack initiative, built on the Aadhaar identification number in India, and credit scoring apps and services in Kenya.

Read more about fintech

“Technology is bringing an unprecedented level of change to financial services. But it seems the privacy implications of these changes have not been acknowledged by industry, funders, governments or regulators,” said Tom Fisher, Privacy International research officer and author of the report.

“The fintech sector is using vast sources of our personal information to create our financial identity – data from our spending, our social networks, our phones.

“The sector must begin to recognise the risks and harms that are emerging from its work, particularly in parts of the world with limited or non-existent data protection legislation. We need governments and regulators to ensure that advancements in fintech do not violate privacy,” he said.

Privacy International is calling on governments, companies and actors in the financial technology sector to ensure that consumers’ rights to privacy, equality and non-discrimination are respected, through comprehensive legislation and regulation, and to ensure that fintech initiatives empower individuals to have meaningful access to and control of their information.

Fintech refers to an array of sectors and technologies, including alternative credit scoring, insurance technology (insurtech) and regulatory technology (regtech). A survey by Ernst & Young found the use of fintech by consumers with access to the internet in developing markets, including Brazil, India, China, Mexico and South Africa, was considerably higher than the global average.

Read more on Privacy and data protection