Personal data advocacy and the role of financial institutions
27 November 2018
It’s time to pay consumers for their data
Brian O’Donnell and Richard Nesbitt published this opinion piece on personal data advocacy and the role of financial institutions in November 26th, 2018 edition of the Globe and Mail.
The world needs “personal data advocacy,” where an institution works with people to gather, protect and monetize their personal data. We think a comprehensive collection of personal data will enable everyone to exercise some degree of ownership control over it because now they have little control.
Last April, Senator Jon Tester of Montana challenged Facebook chief executive Mark Zuckerberg’s claim that clients owned the data they provided to the company.
“You said multiple times during this hearing that I own [my] data,” Mr. Tester said in a U.S. congressional committee hearing. “That sounds good, but in practice you’re making $40-billion a year. I’m not making money on it. It feels like you own the data. Could you give me some idea on how you can honestly say it’s my data?”
Social-media companies have amassed more than $2-trillion dollars in market capitalization. Their mass collection, storage and monetization of data have increased consumer exposure to cybersecurity issues and financial fraud. Facebook, Equifax and others have proven that.
Worse still, social-media firms take all the upside and leave users with all the risk, and then banks generally absorb the losses when accounts are hacked.
The current model has cracks in it so it’s time for another approach.
FIs are already custodians of our most valuable and sensitive transaction data. It would be natural for them to develop applications (likely via a partnership with a technology or telecommunications company) that could combine this information with other online data, and then store a complete data set in one “lock box” or data vault for each customer. Clients would suddenly have the most complete and valuable collection of their own data. Even if those data were compromised, it would be much easier to reset and lock them from one source than chase down every other owner of your data.