This was my speech for the Dutch Parliament about the usage of customer data by banks:

Esteemed chairman, commission and others present,

Much has already been said today about the role of banks in our society, the legal framework within which they have to operate and their role regarding innovation. I would like to attempt to place the subject into a different perspective.

We owe it to an American whistle-blower that terms such as ‘big data’ and ‘metadata’, terms the general public has never been confronted with before on such a massive scale, have become trending topics in the Dutch media.

Governments set a bad example

On a large scale, foreign intelligence agencies and governments gather information about and communication between private individuals who, according to art. 12 of the Universal Declaration of Human Rights, art. 17 of the International Covenant on Civil and Political Rights, articles 7 & 8 of the Charter of Fundamental Rights of the European Union, art. 8 of the European Convention on Human Rights and also art. 10 of the Constitution of the Netherlands, have a right to protection of and respect for their personal privacy. Governments that gather and process private information on such a massive scale are not exactly setting a good example.

Nothing to hide

Data, metadata and big data are supposedly nothing to be ashamed of and there would be no reason to have anything to hide, that’s what an uninformed citizen might conclude in an age where the phrase “I have nothing to hide” is becoming a personal motto for more and more people, which I regard as an expression of moral superiority through an extreme case of mass exhibitionism. 

According to the above legislations, the question “you don’t have anything to hide, do you?” can rightly be answered with “that’s none of your business”. That’s a legality that has been discussed little, perhaps too little, in your House of Representatives so far. All the more reason to commend today’s meeting.

Less and less privacy left: digital predators?

Because unfortunately, in practice, we do have less and less to hide these days. Due to the increasing complexity of society and the exponentially increasing amount of available data, the digitalised populace of the world has a strong need for simplicity and relevance. This need has become so strong that it’s ended up being the core business and the most well-known export product of the startups in Silicon Valley, startups that often work according to the following recipe: be like a digital vacuum cleaner and slurp down as much information as possible, as private as possible, about as many individuals as possible, both overtly — by asking for it in exchange for ‘digital lollipops’, i.e. stimuli — and covertly — by registering behaviours in secret. Input these data into secret algorithms. And the algorithms then let the users experience more convenience, simplicity, enjoyment and relevance. More and more companies using this model are becoming larger and more successful than any individual company in the sector that we are talking about today.

@Pavlov

In the year 2014, we cheerfully give up our privacy in exchange for a like or a retweet, and by now nobody knows any more in which databases their bits of privacy are stored — let alone being able to enforce rights regarding them.

Privacy is an unusable term

‘Privacy’ is a word we shouldn’t use as often as we do: it’s a concept that’s invisible when it’s there, we only see (a lack of) privacy once it’s gone — too late.  We should instead talk about freedom, autonomy and self-determination of the individual. Being allowed to be yourself, to think whatever you want and to act within the law with no hindrance. That resonates with everyone.

Freedom to form opinions?

The year is 2014, we live in world with data collections that increase in both size and number, where it’s possible for a young woman — in the classic example — to find out she’s pregnant from internet advertisements, and where a search engine knows sooner and quicker that you want to end your life. Enter “I want to ” into the most well-known search engine and you’ll see it completing your query with “get pregnant” and “die”. Medical confidentiality does not factor into that. The business model of many online service providers is to hold onto us for as long as possible, to collect as much data as possible, to show advertisements in the meantime and to make billions of dollars that way.

Objective truth is difficult to find

Objectivity is not a part of that business model. That’s because we are not the customers of these ‘vacuum cleaner style big data companies’. Usually we don’t pay them money and we have no say in the terms and conditions under which we do business with them. It’s also not clear whether European regulations apply to their activities at all. They show us what we want to see, so that we’ll be exposed to them for as long as possible, and meanwhile they try to keep their customers satisfied: many of them are advertisers willing to pay to have a custom-tailored message projected onto our grey matter, in order to influence our future buying decisions or our opinions on subjects that are important to them. So it’s possible for our data, our private information, to be used against us.

Powerless

More and more people are aware of this, and yet most people don’t do anything about it.

Privacy awareness

Still, something has changed. Reactions to the unclear but awful plans of the Dutch bank ING were intense. Incidentally, due to the clumsy communication of that company it’s still not clear to me what exactly they’re planning. But whatever their plan is or was: just that is already a reason why it’s an awful idea. Innovation in an area as important as this must only happen with simplicity, clarity and full consent of everyone involved.

Benefits of big data for banks

The benefits of using data as a bank aren’t difficult to imagine: seeing an account holder’s monthly income decreasing, their credit card debts rising and the moment approaching when they won’t be able to pay their mortgage any more would be useful as a cue for the bank to have a talk with that customer. But if there’s one sector that should be very careful with the data it stores and acquires, that shouldn’t take risks with ‘big data experiments’, it’s that sector that forms the roots of our financial existence. But who does that include? Just the banks?

Competition to banks from all directions

That is increasingly not the case. There is a major shift happening within the world of payment service providers, the companies that process our financial transactions. Whereas that used to be only banks, it now increasingly includes startups and companies from ‘the New World’ I’ve discussed: Google (with their Google Wallet), Apple (in the App Store), Vodafone, who has recently started offering contactless debit card payment.

The ‘battle’ is lost

The prudence we should ask of banks when it comes to gathering, processing and using private information is something these companies — particularly the first two — have given up a long time ago. In fact, they are undoubtedly the inspiration for our banks’ big data adventure.

We need to create a level privacy field for all companies that are involved in the processing of our financial transactions. If we don’t, then it’s very possible that the parties that use our data more will win when it comes to user friendliness and convenience, and it’s still an open question whether that will yield more freedom, autonomy and self-determination for the users. And whether it would necessarily make the financial system more stable.