Facebook insists it has 'no plans' to exploit your personal banking info for ads – just as we have 'no plans' to trust it
After all, never say never!
Analysis Facebook has denied it is seeking to suck up netizens' bank account details, claiming it just wants to connect bank customers to their bank's chat accounts and give useful financial updates.
On Monday, the Wall Street Journal revealed that the social media giant had approached several large American banks – including JPMorgan Chase, Wells Fargo, Citigroup US Bancorp – looking to sign partnerships where they would share their data in return for Facebook connecting its billions of users to their services.
It's just one more way that Facebook is seeking to connect itself to every aspect of its users' lives so they are always using Mark Zuckerberg's empire. But given recent scandals in which the Silicon Valley giant has supplied vast quantities of personal data to third parties, the report sparked a wave of criticism – criticism the company claims is unfair.
"The story implies incorrectly that we are actively asking financial services companies for financial transaction data – this is not true," a Facebook spokesperson told The Register regarding yesterday's report. "Like many online companies with commerce businesses, we partner with banks and credit card companies to offer services like customer chat or account management."
Facebook claims that, far from seeking and storing users' bank account data, it is only seeking to help them. "The idea is that messaging with a bank can be better than waiting on hold over the phone – and it's completely opt-in," the rep told us.
"We're not using this information beyond enabling these types of experiences – not for advertising or anything else. A critical part of these partnerships is keeping people's information safe and secure."
Facebook already allows users to connect their bank accounts to its Messenger service so they can buy Facebook ads and/or sent money to friends via the platform – however, this is purely transactional, and it doesn't grant Facebook access to account balances, spending histories, and other financial records.
Facebook claims its suggested new approach would allow users to connect their social network accounts to banks' chat bots, and allow them to interact via the FB platform to search for transactions, receive fraud alerts, and handle other basic financial data and activities. Rather than bank over the phone or face to face in a branch, you manage your money via the bank's Facebook Messenger bots.
"The idea is that you can access a bank representative through chat rather than, say, waiting on hold," a Facebook spokesperson told us.
In return, the banks would have an opportunity to target their own customers with new services through a service that they use every day – Facebook.
Facebook stressed that it does not intend to use people's private financial data for targeted ads, and would not share it with third parties. "We don't use purchase data from banks or credit card companies for ads," Facebook's PR person said. "We also don't have special relationships, partnerships, or contracts with banks or credit card companies to use their customers' purchase data for ads."
So which is it? An outrageous financial data grab, or Facebook simply trying to provide its users with useful services? The answer is, of course, neither and both.
Facebook's entire, vast, revenue model is built on gathering as much data as possible on individuals and then figuring out how to package that in a way that other companies will pay for.
So while Facebook points out that users would have to opt-in to the service (rather than it simply purchase the data and access from banks), it hasn't been clear over what information it would actually receive under such an agreement, how often it would access that information, and whether it would store it.
There is a world of difference between alerting users that their bank account has fallen below a certain level, or that there is a fraud alert, and Facebook automatically sucking in your financial data – including every transaction you carry out, including where and when and how much – and storing it on its own servers.
We are willing to bet the proposed partnerships with banks are focused on the latter, effectively giving Facebook constant insights into your day-to-day spending and finances. We asked Facebook for clarity on this point and it acknowledged that it will store transaction data on its servers but stressed that it will not use that information for targeted ads or product recommendations.
However, constantly updated financial information is hugely valuable and fits very neatly into Facebook's business model. If there is one thing that everyone should know by now about the social media giant it's that advertisers' dollars are worth far more to the company than user privacy.
We asked Facebook where it would guarantee that such information was never used to target ads and were told repeatedly that "there are no plans" to do so. Which is, of course, a very different response to saying "we will never do so."
And the third possible component – beyond how much information Facebook would receive and what it would be allowed to do with it – is whether the connection would allow Facebook to carry out financial transactions directly.
In the same way that Facebook cannibalized the news industry by sucking in articles into its system and stripping out revenue-generating ads and traffic data, there is a huge difference between Facebook relaying information – eg, a link to an article – and controlling access to information, or in this case, financial transactions. The company would, without a shadow of a doubt, use that unique access to push its own services and take a cut of anything that flows through it.
In response, Facebook told The Register that the amount that its systems will be able to interact with your financial institution will vary bank by bank. And that, presumably, is where the banks are wondering how far to allow Facebook into their systems.
In short, the WSJ overplayed its news that Facebook is pushing for direct connections to banks, by suggesting it was scooping up information on people rather than allowing them to grant the social network access. But anyone that imagines Facebook is only seeking to help out users with making some money from the deal hasn't been paying attention.
We're not saying don't connect your bank account to Facebook; just be aware, as ever, that if you do, you are effectively giving all your personal data to a company that will do its best to sell it to other people. ®
Sponsored: Becoming a Pragmatic Security Leader