Show Me the (Data About the) Money!

Research output: Contribution to journalArticlepeer-review


Information about consumers, their money, and what they do with it is the lifeblood of the flourishing financial technology ("FinTech") sector. Historically, highly regulated banks jealously protected this data. However, consumers themselves now share their data with businesses more than ever before. These businesses monetize and use the data for countless prospects, often without the consumers' actual consent. Understanding the dimensions Of this recent phenomenon, more and more consumer groups, scholars, and lawmakers have started advocating for consumers to have the ability to control their data as a modern imperative. This ability is tightly linked to the concept of open banking-an initiative that allows consumers to control and share their banking data with service providers as they see fit. But in the U.S., banks have threatened to block the servers of tech companies and data aggregators-business entities that serve as the middlemen connecting FinTech companies and banks, enabling consumers to get more'financial services-from accessing their customers' data even if the customers agree to it. With no regulation or accepted standards for the ethical gathering and use of data, banks argue that limiting access helps them protect their clients' privacy, improve their accounts' safety, and promote consumer protection principles. Banks claim that FinTech apps collect more data than needed, store it insecurely, and sell it to others. But the motivation of the big banks in advocating for such limitations may not be so pure. Banks do not want to relinquish competitive advantages, lose customers, or be held liable jor data or fund losses. Witnessing resistance, tech companies are not sitting idly by waiting, for banks to limit their data access. Instead, they are working on ways to outsmart banks' blocking technology and use data aggregation services as a middleman. They also extended the fight into Washington, where regulators such as the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) are noticing how technology impacts consumer data flows and credit reporting issues. Advocating for consumers' rights to control data, tech companies lobby for open banking. The legal status of third-parties' right to access consumers' financial data is anchored in the EU's recently adopted Payment Services Directive II. In the U.S., however, the approach to open banking is market-based, in which data aggregators have become key players without the notice of consumers. Realizing this, in 2018, the Financial Industry Regulatory Authority (FINRA) issued a warning about the dangers of consumers sharing their account data with data aggregators to access apps, and in 2019, the Federal Deposit Insurance Corporation (FDIC) inspector general released a report expressing concerns about data aggregators. The status-quo could change. The previously ignored Section 1033 of the Dodd-Frank Act "provides, for consumer rights to access financial account and account-related data in usable electronic forms." Yet, the section's applicability to third-parties, which access consumer data with consumers' permission as opposed to consumers directly accessing their own data, is not clear. Similarly, regulation must address data aggregators' business operations, including, issues such as anticompetition, obtaining consumers' informed consent to data sharing, and data security, given the credit card companies' recent attempts to acquire the biggest data aggregators. This Article is the first to direct attention to data aggregators-an overlooked category within the Anancial services industry. By analyzing financial regulation and privacy law, this Article examines data aggregators' relationships with banks, tech companies, and consumers. It provides a comparative lens between top-down and bottomup regulatory approaches to data sharing, and draws from an Australian law thrit creciteR n singular consumer right that enables all institutions to connect to other data systems. It also suggests regulating data aggregators as gatekeepers in ways analogous to credit rating agencies.
Original languageEnglish
Pages (from-to)1277-1348
Number of pages72
JournalUtah law review
Issue number5
StatePublished - 2020
Externally publishedYes


  • UNITED States. Consumer Financial Protection Bureau
  • UNITED States. Federal Trade Commission
  • FINANCIAL Industry Regulatory Authority
  • EFFECT of technological innovations on financial institutions
  • INFORMATION services


Dive into the research topics of 'Show Me the (Data About the) Money!'. Together they form a unique fingerprint.

Cite this