I only carry a phone; never cash or credit cards. Digital payments are not only convenient for me as a consumer, they have reduced accounting and cash handling costs for businesses, and enabled e-commerce.
The dark side of this convenience is that a move away from cash and cheques makes our payments easier to track. Payment companies and banks store and control our payment data. They make it easy for governments to track that data in a way that is more complete and granular than before.
“Privacy is for criminals”
When I tell people that I’m working on financial privacy, I am commonly met with the question “Isn’t privacy for criminals?”. When I point out the question’s premise, the reaction quickly changes. Many are embarrassed: “I can’t believe I just said that”.
We surrender our data to large technology companies and governments. We see this surrender as inevitable and unavoidable. Financial data privacy, and data privacy in general, is the price we pay for convenience. What’s more, the lack of privacy keeps us safe.
In 2022, payment privacy is not a virtue but something to be dismissed and shamed.
Digital payment surveillance
Today, we have a system of digital payments where even the smallest sums are tracked – from our Venmo or Revolut transactions, to our credit card payments and bank transfers. Meanwhile, government know-your-customer (KYC) and anti-money-laundering (AML) laws are expanding in scope. For example:
The EU requires tracking of customer identities by prepaid card companies for transfers or deposits over 150 euro.
A recent US government document proposed “to create a comprehensive financial account information reporting regime” for accounts with amounts above $600.
The operators of digital payment networks have privileged access to the increasing flow of data within them. Financial privacy is being surrendered to companies such as Visa, Mastercard, Paypal, JP Morgan, Citibank, and to the governments that regulate them.
Censorship in payment networks
Payment networks are getting censored both by governments and by private entities. Restrictions on payments are proliferating as a tool of government control. These restrictions undermine free speech and political expression. Some examples from 2022:
The Canadian government froze the bank accounts of Canadian truck protestors.
The European Union, United Kingdom, Canada, and the United States removed Russian banks from the SWIFT payment system. They restricted access for all Russians, whether Putin-supporting or not.
The United States Office of Foreign Assets Control sanctioned all users of the Tornado Cash privacy service because North Korean hackers used it for money laundering. This affected all users, whether North Korean or not.
Economic sanctions are not new as political tools. But the comprehensive surveillance and sanctioning capabilities that digital payments allow are new.
It has become a cliché to liken companies’ surveillance capabilities to Jeremy Bentham’s panopticon, or even to the Eye of Sauron. But the point is well-taken: little is beyond the sight of modern financial institutions.
In theory, there is a difference between censorship by a government and by private entities. In practice, that difference can be blurred. Business operations and profits are contingent on a government licence, and that applies pressure (explicit and implicit) to satisfy government orders. This can include orders to provide financial information or block financial access. The prospect of regulation may well be influencing companies to pre-emptively censor.
Financial institutions also act as de facto agents of law enforcement. For example:
Visa and Mastercard have become the regulators of porn. They decide what kinds of porn are and are not allowed.
Paypal has become the regulator of what is hate speech and what is free speech.
Some censorship is political. Censorship can also be driven by the economics of who to serve. The sheer volume of digital payments necessitates automated moderation. Some merchants get automatically blocked as collateral damage. It’s a similar dynamic to what happens on social media. As examples:
YouTube recently suspended me for posting a tutorial for a payment product I am building.
Google closed the account of a man who took a photo of his son’s groin for a doctor to review. The image had been accidentally caught by automated systems. This automated flagging triggered a police investigation that was concluded only ten months later. It is unclear whether Google restored the man’s account access since.
How did we get here?
When data is available, it is hard to repress the desire to monitor that data. Today’s digital payment networks are primed for surveillance. There are few limiting principles or protections.
In the European Union, there is a right to privacy in law:
This Regulation respects the fundamental rights and observes the principles recognised by the Charter, in particular the right to respect for private and family life (Article 7 of the Charter), the right to the protection of personal data (Article 8 of the Charter) and the freedom to conduct a business (Article 16 of the Charter).
But rights to privacy are subservient to anti-money-laundering laws. The EU permits the processing, storing and monitoring of financial data:
Certain aspects of the implementation of the AML . . . framework involve the collection, analysis, storage and sharing of data. Such processing of personal data should be permitted, while fully respecting fundamental rights, only for the purposes laid down in this Regulation, and for carrying out customer due diligence, ongoing monitoring, analysis and reporting of unusual and suspicious transactions, identification of the beneficial owner of a legal person or legal arrangement, identification of a politically exposed person and sharing of information by credit institutions and financial institutions and other obliged entities.
If a transaction is suspicious, there are exceptions to privacy rights:
The rights of access to data by the data subject are applicable to the personal data processed for the purpose of this Regulation. However, access by the data subject to any information related to a suspicious transaction report would seriously undermine the effectiveness of the fight against money laundering and terrorist financing. Exceptions to and restrictions of that right in accordance with Article 23 of Regulation (EU) 2016/679 may therefore be justified.
If any payments can be monitored for anti-money laundering, are any payments not allowed to be monitored? What privacy is there?
In the United States, a 1976 Supreme Court case established that financial records are the property of the financial institution, and not of the consumer. Nonetheless, in 1978, the Right to Financial Privacy Act required that the government receive the consent of customers before accessing their financial data.
However, following the World Trade Center attacks of September 11th, the Patriot Act was introduced to expand the surveillance capabilities of law enforcement. This included amending certain provisions of the Right to Financial Privacy Act, which provides customers with the right to be notified when their information is transferred between governments or agencies. The Patriot Act extended exemptions to this right to include “intelligence or counterintelligence activity, investigation or analysis related to international terrorism”. The Patriot Act also amends the privacy act to allow government agencies to directly access a customer’s information (via their financial institution) “to protect against international terrorism or clandestine intelligence activities”.
Given these exemptions to financial privacy rights – how much data is or isn’t handed over by financial institutions? What privacy is there?
A better future for payments
I am optimistic there will be a return to taking privacy seriously as a virtue. Although financial privacy is currently shunned, people recall the dystopias of books like Nineteen Eighty-Four and The Handmaid’s Tale. Nineteen Eighty-Four exposes a society that employs unrestricted monitoring to crush all opposition. The Handmaid’s Tale presents a society that sees women as tools of reproduction. Notably, women are not allowed to own money in the novel.
To many, the risks of being targeted through their financial data seem far-fetched. Yet, these books remind us that financial privacy is something to protect.
To a degree, messaging apps are already returning to the sanctuary of privacy. WhatsApp, Telegram and Signal have moved to end-to-end encryption over the last few years. Why accept (and value?) privacy in messaging, but not in payments?
End-to-end encrypted forms of payment will come to private, public and open payment networks. Imagine platforms like Revolut and Venmo, SEPA and PIX, Bitcoin and Ethereum, providing privacy by default. We need payment networks that allow for trust between individuals and businesses. What we don’t want is for data to be held centrally where it is readily accessible for surveillance. This is what I mean by payment privacy.
Digital payments are a new phenomenon that brings extraordinary benefits and unprecedented power. Society must respond by adopting tools and principles to manage that power. Payment privacy is coming soon.
Ronan McGovern is an entrepreneur who writes at RonanMcGovern.com. He recently founded Trelis and is building software for open payment networks.
Seems odd Bitcoin, Zcash or Monero didn't come up in this piece.