The financial industry is helping itself to consumers’ personal data without any checks or monitoring from governments, a new Privacy International report revealed on Wednesday.

Consumers’ social media behaviour is not only monitored by employers, but also by credit rating financial institutions, such as banks and insurance companies. The information gathering has now expanded to include call logs, text messages, and social networks. What is being evaluated is no longer individual decisions and behaviour, but who individuals are and with whom they interact, and how. 

The danger is not only that this data is being concentrated without the consumers’ authorization by companies, obliterating any sense of privacy, but that surrendering private date may become a prerequisite for access to credit. 

A new field study report by Privacy International points to the emergence of the ‘fintech’ technology, with is in essence data-mining on behalf of corporate institutions, including banks. This new technology allows for the expansion in consumer data-mining that is neither understood nor checked by governments either in emerging or in developed economies.

The Privacy International report outlines how fintech threatens privacy and other fundamental rights by focusing on two case studies. Using research that analyses the India Stack initiative, built upon the Aadhaar identification number in India, and credit scoring apps and services in Kenya, the report shows how information that is traditionally considered irrelevant to the financial sector, such as social media usage and smart phone habits underpin credit rating strategies.  

“The fintech sector is using vast sources of our personal information to create our financial identity – data from our spending, our social networks, our phones. The sector must begin to recognise the risks and harms are emerging from its work, particularly in parts of the world with limited or non-existent data protection legislation. We need governments and regulators to ensure that advancements in fintech do not violate privacy,” PI Research Officer Dr. Tom Fisher says.”

The term ‘fintech’ has been defined by PricewaterhouseCoopers as “a dynamic segment at the intersection of the financial services and technology sectors. An increasing number of technology-focused start-ups are focusing on alternative credit scoring, Insurtech and Regtech.

A survey by Ernst & Young found the use of ‘fintech’ by consumers with access to the Internet in developing markets including Brazil, India, China, Mexico and South Africa, was considerably higher than the global average. Privacy International will speak about the report findings at the LAVITS conference in Chile on 30 November.