Open Banking brings the question of data ownership to the forefront in a very real way. By proposing a standardized method to share securely your financial data, it raises an obvious question: Is that financial data yours to begin with or does it belong to the banks?
Open Banking discussions
In this article, we visit Australia, where Open Banking has led to broader discussions about data ownership, data control, and data rights, not just in the financial sector, but throughout the entire economy.
James Bligh — a legend in Open Banking
To explore this convoluted topic of data rights, we spoke with James Bligh. James is a legend in the Open Banking space and a veteran of API implementation. He started his career as a digital architect at the National Australian Bank, where he built their app and streamlined their online channels.
In 2018, James made the jump to the Data Standards Body. It was there that he led the development of the Consumer Data Right (CDR) legislation that is largely regarded as one of the most progressive Open Banking standards in the world.
Today, James is the Co-Founder of RedCrew, an elite engineering firm for large organizations that are looking to transform their technology assets.
More than just banking
When you look at Open Banking in Australia, the first thing you notice is that the regulation does not contain the words “Open Banking.” That’s because it’s not focused on banking at all. The CDR is really about the customer and the data they may want to share across any industry.
“The Consumer Data Right is really about the consumer. One of the issues with Open Banking is that it’s about banking. A lot of consumers aren’t interested in banking, but rather spending or earning or paying for their house.”
At the heart of the CDR is the notion of consent. Over time, consumers will get used to the idea of giving consent to share their data. There will need to be a level of trust and education, giving consumers the power of knowing they have control over that data. Since the CDR is a cross-economy, the idea is that consumers are going to want consent to be consistent across industries.
But what exactly consumers will consent to will largely depend on consumer experience as opposed to regulation, James says. By testing the users of the CDR, regulators can understand what they want to control in their financial ecosystem and adapt to those demands.
“The key thing is that it’s not a Terms and Conditions checkbox. You are in control. If someone is asking you to share six things, but you only want to share four, you can do that. And if you want to stop sharing, you can do that, too. The standard can be extended to cover, effectively, any kind of data.”
Most Open Banking standards cover accounts, transactions, payments, and a product book. The CDR has an additional element: customer payload. This is a common representation of a customer — a description of a person that’s carried around as part of the banking, telecom, or healthcare data that is being shared. Customer payload allows people to become new customers in a new sector by using data from an old sector.
Adopting the CDR
Australians’ forward-thinking approach to Open Banking is well on its way. The standards are published, and the rules of engagement are in place. Many of the trickier aspects, like support for joint accounts, have been worked out.
Australian banks found themselves in the awkward position of being unwitting trailblazers. Some took it in stride, others less so. But all of them, without exception, understand that Open Banking is going to change their business forever.
Australian fintech’s have been less enthusiastic. Given that they can use screen scraping today, there is little incentive for them to submit to a more controlled and regulated model. Unless consumers demand it, of course.
According to James, they soon will. More and more people, both in Australia and around the world, realize that their data is valuable and that the value it generates is being taken away from them. James believes the stage is set for a shift of power from the service provider back to the consumer.
“I think the environment is ready for this and desiring of this. And I think there’s definitely a frustration with the single checkbox Terms and Conditions model that gives all the power to the service and none of the power to the consumer.”
Data ownership vs. data control
Today, our data is out of control. It’s out there on the public internet, often in the hands of one or more tech giants who have recently come under major scrutiny for looking at data that they shouldn’t have access to. Ultimately, James says the solution to the problem is not a technical one, but a societal one.
Change only happens when society decides that there must be a better way. It is not enough for governments to enact policies. Once people see the possibility of a better, more adjusted world, they move towards it and the policy follows from there.
“From my perspective, it’s not about regulation. There will be sectors and stakeholders and even autocratic governments that will seek to control people and prevent them from expressing their wishes. History shows that eventually, the population wins.”
The issue is less about data ownership, and more about control over who sees what data for how long and, crucially, for what purpose. Once this control is in place, it forms the foundation for a more equitable exchange of value.
The smart banks out there will see Open Banking as a way to reap the rewards of network effects by building an ecosystem around their platform. To that end, they will embrace the controls offered by Open Banking. James says:
“I don’t see the CDR or Open Banking as an attempt to disintermediate or remove banks. Banking will always need to be there. The banks that will be successful are the ones that will see it as an opportunity to extend their reach, services, and customer experience, rather than retreat into some utility type concept.”
We often view tech companies as innovators and regulators as laggards. In reality, giant tech companies are often terrible at innovation, precisely because they are giant. Even the greatest of tech companies often get stuck in existing businesses and can’t see beyond them. James says APIs could create more innovation for FinTechs.
“If I took a large social media network and said, ‘You have to create an API. You cannot charge for that API and the customer can use that API to give authenticated explicit consent to a third party so that their data can be shared.’ That’s going to create innovation. I see it as a promoter of innovation, not a hindrance.”
In the same manner, regulators are not always stick-in-the-mud laggards, especially when those regulators are trying to tear down walls to create the level foundation for something new. The fact is that the people like James, who are chipping away at Open Banking regulations and the technologies that drive them, are doing some of the most radical, innovative work out there.
Should the rest of the world implement a similar standard to the CDR? According to James, that will all depend on if the legislation works in Australia. Ultimately, he would prefer for data rights to become a common practice organically, without having to be enforced by government regulation.
And for those who say the CDR goes too far? James says thank you for the feedback.
“If no one is saying that, I would be disappointed because developing a standard is about finding the middle point. It’s about pushing ahead and being ambitious, but not going too far.”
As for the future impact of the CDR for consumers, James envisions a world where data rights are commonplace.
“The CDR is a progression on the protections, controls, and the constraints around them that make data sharing work for people, rather than people work for data sharing.”
The CDR as a model for change
Most Open Banking conversations quickly lead to the question of data ownership. But James suggests the issue is not about ownership at all. The issue is really about how your data is being shared and controlled.
Open Banking hopes to put control back in the hands of consumers — not because they own the data per se, but because the data is about them, so they should be afforded some data rights.
Skeptics would say that reclaiming control of your data is a fallacy that can’t be done because information wants to be free. James responds that information has never been less free. Our data has been claimed and locked up in the walled gardens of the tech giants, well beyond our meager attempts to control.
According to James, it doesn’t have to be that way. If we stand up as a single voice and say that we want control of our data back, then we will get it back. Do not believe those who say it’s impossible. Not only is it possible, but it’s also happening.
Just the start…
Open Banking is just the start. Already in Australia, open telecom, open healthcare, and open electricity are all being built today. Around the corner, we already see the beginning of open social and, ultimately, open data or open x.
So, while banks may be first, the likes of Google and Facebook will have their turn as we finally rise to demand our data rights.
To listen to the full podcast episode and subscribe via your favorite player, click here.
If you missed podcasts 1-7, click here.