NFC (Near Field Communication), Cloud based, Image based, Proximity based and Carrier based mobile payments, as well as P2P payments, are all payment methods available today which are part of a fast growing technology trend that is one everyone’s lips. There are many different payment applications for mobile devices already available in all major mobile platforms. Mobile phones manufacturers have all pledged to equip their devices with this technology in a very near future while some of your favourite phones are already equipped with the latest applications.
Forget about your bank cards, car keys, metro tickets ; NFC will soon enable you to leave your home, set off your alarm system, start your car, pay for petrol and your favourite coffee & danish on your way to work without even opening your wallet. All you will need is your mobile phone in your pocket. Your sim card will do the rest, enable storage and exchange of information that will process your payments in seconds.
This marketing pitch makes most of us dream of a hassle-free life where saving time when running errants lets you focus on more essential things you want to do in life. But wait a minute, where is the catch ? Who will have access to all that data ? Will our consumer & privacy rights will be respected ? We asked EJ member Dr. Chris Hayes, intellectual property lawyer at IBB Solicitors, Uxbridge, UK to give us his expert opinion on the subject. Chris, who also holds a PhD in Molecular Genetics from the University of Oxford, admits having a passion for Science and Technology and has the pleasure of working in this fascinating field of law daily.
Let’s go back a little, understand what this new technology entails and which changes have occurred since the traditional payment methods we’ve all been using this past decade. According to Researcher Jon Selvadurai his article Legal And Ethical Responsibilities In Mobile Payment Privacy from the International Journal of Scientific & Technology Research (Volume 2, Issue 6, June 2013) :
“Traditional payment systems typically involve the consumer, the receiver and the financial institution which facilitates the transaction. Usually, the financial institution is a bank that provides services to the consumer. In the mobile payment life cycle, on the other hand, in addition to the traditional players, there is the mobile application provider, third party application service providers and intermediate payment facilitators. Since there are many layers involved in mobile payment, controlling their own personal data is a challenge for the consumers. Because of the fast paced mobile application trend, there is little time and effort spent on protecting consumer data by the businesses that are developing mobile payment applications. This fact also introduces a challenge in the adoptability of mobile payments because consumers are waiting until secure standards are enforced.”
Our first question to Chris Hayes was the following : New payment methods seems inevitable, whether we like it or not, what kind of dangers is the lambda consumer facing ?
“There are two types of dangers here, first of all, fraud. This very common practice of stealing your payment information and make you bleed little by little is unfortunately extremely common. Petty theft hackers focus on only pulling small amounts of money (usually less than 30£) from your bank accounts, and those amounts are so insignificant, they completely get under your radar. The most insidious aspect of such fraud is that, once your account has been hacked by one of these criminals, you tend to be more likely to be a victim again, as your personal data will most probably be the subject of an exchange or a sale to other hackers. Therefore, it is essential to double check your bank statements in order to verify if you are a victim and then, talk to your financial institution that will take the necessary measures and raise flags to protect other potential victims.”
Chris adds : “Secondly, there’s the data protection issue. Whether you are using the brand new payment method or the good old bank card for legitimate purchases, your data is indeed preciously saved by retailers and service providers. This almost magic data gives them valuable information on who you are, what you buy, when and where. This data is then analysed and used for direct marketing purposes or, simply, sold to the highest bidder.
How can we protect ourselves ?
“The remedy is very simple. You look for your country’s Watch Dog or Consumers Right Agency and follow their recommendation in order to have you profile removed from all unwanted lists and allowing you to manage your personal data and letting you decide what kind of information you wish to keep private. In the UK, we have the Information Commissioner’s Office and it’s doing a good job at making sure you get practical information on how to protect yourself.”
Is there any hope to catch up in terms of personal data protection and consumer rights then?
“Actually, there is !” Chris adds : “EU has been working on data protection and direct marketing laws with brand new directives that will, in less than two years, revolutionise the industry. Obligations and burdens for companies managing your data are going to be multiplied and the threshold will be significantly higher. In case of breeches, regulators will be much better equipped in order to react and punish the offenders. Fines and penalties could even be calculated in percentage of turnover.”
We thank Chris Hayes for his time and efforts to enlighten our lantern on this subject.
