More emails about privacy practices and data disclosures are landing in consumers’ inboxes. As users’ digital footprints expand, these messages seem to come from every direction—big-box retailers, healthcare providers, financial services firms, and even streaming services.
While these emails may feel like a rote legal exercise to some—or an unwelcome intrusion to others—the growing emphasis on protecting personal data is a positive trend. These notifications not only provide greater transparency but also serve as an opportunity to build trust with consumers who are increasingly concerned about how their data is collected and shared.
Despite improvements in messaging, there are still many areas where privacy processes can be optimized.
For example, the emergence of open banking has introduced a web of intricate relationships between banks and third-party providers. As Tracy Goldberg, Director of Cybersecurity at Javelin Strategy & Research, examined in the Data Transparency in the Age of Cyber and Privacy Risk report, this complexity—combined with escalating cyber threats—has made delivering clear, effective privacy disclosures both more difficult and more essential.
A Hot Topic
Historically, privacy disclosures were often treated as an afterthought, buried within layers of website navigation. Even when customers managed to find them, they were frequently confronted with dense, jargon-heavy documents that were difficult to understand.
“It’s been nice to see that as we have done our Cyber Trust in Banking evaluations over the course of the last three to four years, that financial institutions are making it much easier for consumers to find privacy disclosures on their website,” Goldberg said. “In some cases, financial institutions are even breaking out privacy disclosures for senior citizens, for children, and for those who fall within the working-age consumer category.”
Along with this personalized touch, institutions should prioritize clarity and accessibility, ensuring disclosures are easy to find and written in plain language. In addition, privacy documentation should be updated regularly—at least on a quarterly basis. Many consumers seek out these materials to confirm that their financial institution has adequate data protections in place. Outdated policies can quickly erode that confidence.
When significant policy changes occur, customers should be notified as soon as possible. However, even in the absence of major updates, periodic privacy notices remain valuable. These communications act as important touchpoints, reinforcing that customer data is both protected and prioritized.
Ultimately, the goal of these privacy best practices is to foster trust—a challenge that continues to grow amid persistent concerns around the economy, fraud, and evolving technologies.
“We’re finding that consumers are actually reading privacy disclosures,” Goldberg said. “A lot of that has to do with the fact that privacy is such a hot issue for consumers, especially in this age of AI. Consumers have concerns about their data being everywhere and they’re starting to pay attention.”
“Making it easy for consumers to find those disclosures—and this would apply to any business, but financial institutions in particular—is important because consumers want to know that their data is secure,” she said. “They want to know their privacy is being respected.”
Linked by Choice
While financial institutions are doing a better job of managing their own privacy policies, the increasing role of fintechs in the digital banking ecosystem has rapidly muddied the waters.
For example, customers attempting to understand how their personal data is shared with third-party partners often encounter a labyrinthine task that rivals the privacy practices of the past. In many cases, opting out of data sharing is just as cumbersome, despite being a feature that should be straightforward and accessible.
On the other hand, placing all third-party relationships front and center in a website or app risks overwhelming users with too much information.
“There are so many places where your data is linked,” Goldberg said. “Sometimes it’s by consumer choice—I choose to link my bank account to my Venmo account, that’s a choice I’ve made. I choose to link my bank account to some of the retailers that I use. When I log into online banking, I’m going to see all of those connections, and for some consumers, that may be overwhelming.”
“It’s a fine line,” she said. “Part of it goes back to knowing your customer and knowing what your customer can handle. Some of the options that you provide to one customer may not be the same as the options you provide to another. That’s where it gets a little bit difficult for financial institutions because it’s not a one-size-fits-all approach.”
Thinking Ahead to Open Banking
Although the proliferation of fintech companies has made privacy documentation more complex, these providers play an integral part of the predominant open banking model. This trend is unlikely to reverse, as consumers increasingly expect the convenience and functionality fintechs enable. Moreover, the competitive nature of financial services demands strong technological infrastructure—something many banks can’t build independently.
The benefits of open banking have prompted many regions to develop regulatory frameworks to support it. In the United States, however, a more market-driven approach has created challenges for financial institutions seeking to define their privacy and security strategies.
Most notably, uncertainty remains around the final implementation of Section 1033—the open banking rules finalized by the U.S. Consumer Financial Protection Bureau—which continues to leave key questions unanswered.
“Financial institutions don’t have a lot of guidance to go on,” Goldberg said. “They need to be thinking ahead because we know open banking is here. It makes life easier for the consumer; it’s not something that we can just forget about. But we do also have to remember—from a financial institution perspective—that there are privacy considerations that have to be taken into account and transparency is key.”
The post As Open Banking Fuels Interconnectivity, Privacy Matters More appeared first on PaymentsJournal.
