The updated European Payment Service Directive (PSD2) requires banks to give third party financial services access to our bank accounts. Some safeguards have been put in place: the financial services must have a license, and must ask for our explicit consent before they can access our financial transactions. From an innovation and fair competition perspective, this makes sense: banks are overprotective monopolies. However…

Barclays Bank is considering to allow their customers to check their account balance through Facebook. And a Google subsidiary (Google Payment Ltd.) already has a license to issue electronic money and to provide payment services.

So we will soon be able to get an overview of our financial transactions in either Facebook or Google Now. From a usability perspective this is actually quite nice. But it comes at a price: we have to give Google access to our intimate financial details.

For those that shrug their shoulders, think again.

The web has changed the way we shop in many ways.

  • We have immediate access to an endless number of online shops.
  • We can compare their prices and offers (although this usually involves an intermediary that does the comparison for us).
  • We get targeted advertisements based on online profiles derived from our online behaviour.
  • Shops tailor their offers and recommendations based on such profiles too.

So instead of one physical shop that looks the same to all its customers and has fixed price tags seen by all its customers, a web shop is personalised and can offer each customer a different price for exactly the same product. Recent scientific research suggests (but does not prove) that this is already taking place.

With access to your financial details, Google can tell these shops exactly how much you are worth, and even signal them the moment you get a gratification. This allows web shops to become even more personalised, offering only the things you like with exactly the price you can afford and are willing to pay. It’s like walking into shop ‘naked’ wearing a sign saying you’re a millionaire (or not). Or worse: like being a western tourist starting a bargain in a Moroccan souk or Indonesian pasar. You just know you will overpay. You’re negotiation skills may only reduce the damage somewhat (and if the shop keeper is any good, you may even walk away thinking you got a very special deal).

Proponents of the new payment directive say that this horror scenario cannot happen because the financial service providers that get the access are regulated and need to adhere to the strict European privacy laws. However, enforcement of these laws, especially against non European companies, has so far been found wanting. This is not very reassuring.

There is only one hurdle, one final defence, protecting us from this ‘commercial singularity’ (and I don’t mean that in a very reassuring sense).

Our consent.

Unfortunately Google and friends have quite consistently shown in the past how easy it is to pilfer our consent from us. You only have to look at all the people that are using Google Now (and gave Google permission to track their whereabouts forever).