Skip to main content

Users beware: The banks are spying on you! It recently emerged that deep inside a TD Canada Trust Visa cardholders agreement are embedded a couple of troubling lines giving the bank the legal right to collect data on everything a person does online.

The scope of these provisions, revealed last week by the CBC, is expansive. They basically give the bank the right to view the content of Google searches, the sort of online videos a cardholder watches, their social media activity and much, much more.

The bank can learn a lot from this information. Are you searching for legal advice on defaulting from a loan? Are you thinking of moving or getting married? Are you straight or gay? Do you prefer cats or dogs?

Story continues below advertisement

TD might have overreached in wanting to gain access to all this information, because maybe the bank doesn't really need to know that much about its customers.

At the margin, more information is probably going to give the bank a business edge – for example, knowing which people are having financial troubles could be useful. But these advantages probably aren't enough to justify violating customers' privacy.

At the end of the day, though, TD is not the problem. It's just one cog in a much larger data-driven market.

And even the bank's own legal language paints the wrong picture.

Despite wording to the effect that the bank is "collecting" information on our online activity, it's probably not "collecting" anything in the strictest sense of the term. It's most likely buying information from data brokers and private companies that aggregate information gleaned from mobile applications, Google Inc., Facebook Inc., Twitter Inc., Instagram and other online platforms.

This practice is hugely common and hugely problematic. As Frank Pasquale notes in his book The Black Box Society, insurers in the United States routinely try to buy records of people's pharmaceutical visits in order to gain an edge.

Target, the retail giant, famously sent individually tailored advertising to a teenaged girl near Minneapolis because its data aggregation and analytics had correctly predicted that she was pregnant – a fact she hadn't yet told her family.

Story continues below advertisement

Other cases include a data broker selling information on 500,000 gamblers to criminals and the sale of information on people with severe diseases such as cancer or Alzheimer's to those who sought to profit from those with poor health.

The real problem with the cases mentioned above, including the one involving TD, is the lack of clear rules in an era of Big Data.

We don't yet really know who can collect what, and even fewer restrictions exist on how data that have already been collected can actually be used.

But the onus here is not on the private sector alone. We, the individual users of Twitter, Facebook and Gmail, share a lot of the responsibility. We have all struck a Faustian bargain that encourages us to use free online applications and services.

But, as the old saying goes, nothing in life is actually free. It's the digital age, but the dusty old rule from the analog era still applies. Facebook, Gmail, Twitter and all the rest are not providing you with a free service. They are selling data on your voluntarily turned-over habits and behaviours to marketers and data-aggregation services. As the new saying goes, if you're not paying for it, you are the product.

In short, we should be worried about what TD was reportedly doing, but we shouldn't view it as an isolated event. It's part and parcel of the new normal.

Story continues below advertisement

What we need now is a new approach that clarifies both who can collect specific types of information and how user-generated data can be utilized once it does exist. All this can only start if people realize that nothing is free. We pay for our free e-mail somehow.

If we really care about privacy, we need to start from the source and work our way out – rather than merely trying to roll back the edges of the Big Data tide.

Report an error
Tickers mentioned in this story
Unchecking box will stop auto data updates
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

If your comment doesn't appear immediately it has been sent to a member of our moderation team for review

Read our community guidelines here

Discussion loading…

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.