Google's Privacy Policy: Striking a Balance between Financial Inclusion and Data Protection

What Has Happened?

In a recent announcement, Google revealed updates to its personal loan policy, which will come into effect on May 31, 2023. According to the revised policy, any apps offering or facilitating personal loans will be prohibited from accessing contacts or photos. Additionally, personal loan apps operating in India, Nigeria, Kenya, Indonesia, and the Philippines must comply with specific regulatory and licensing requirements of each country and complete a loan application declaration form for Google's records.

The policy change has been welcomed by the Nigerian government, which has been trying to curb the invasion of customer privacy by loan app firms. Loan apps have been invading Nigerians' privacy by making unsolicited calls and sending defamatory messages to anyone on their contact list, but Google's latest policy change is set to put a stop to this.

Implications on Fintech Lending

While Google's recent policy change would certainly improve privacy and security, users' greater control over personal data, and overall trust in Google’s ecosystem,  it could have unintended consequences for financial inclusion efforts. Fintech lenders have been critical in providing access to credit for individuals with limited or no credit history. They have used phone contacts and photos to determine creditworthiness by gaining insights into an individual's social connections, financial behavior, and other factors that may impact their ability to repay a loan.

Without access to this data, it could be challenging for these individuals to prove their creditworthiness, creating a barrier to financial inclusion for those who already face difficulties accessing traditional financial services. The policy change could also reduce user convenience and loan decision-making, with fintech lenders using access to phone contacts and photos to streamline the user experience and address delays in loan repayments.

Furthermore, the policy change could have an uneven impact on different regions. In regions where access to traditional credit is limited, fintech loan applications may have relied more heavily on phone contacts and photos for identity verification, making it even more challenging for individuals to access credit.

How have industry players reacted to this development?

While some industry players have expressed concerns about the new policy, customers have welcomed it as a relief from privacy breaches, fraud, and unsolicited calls. Co-founder of Carbon, Ngozi Dozie, in a blog reported on Nairamterics, admitted that certain loan apps have misused access to customers’ contacts. However, he opined that the new policy could damage lenders’ businesses, impede innovations, and hinder fintech's efforts to drive financial inclusion.

However, customers have long been victimized by service providers who exploit access to their contacts. In addition to shaming customers for loan repayment, some service providers have been found to unfairly increase the cost of services. Recent news reports have highlighted cases of ride-hailing services, such as Uber, accused of increasing prices based on battery percentage and using software to gather data on competing drivers' names, locations, and registrations in order to poach them from rival companies.

Way Forward

The perceived mixed implications of Google's policy change on identity management and fintech loan applications can be managed within the industry's ecosystem through proactive measures that can be taken by stakeholders.

For private sector and fintech loan application providers:

1. Develop alternative identity verification methods using additional data sources such as social media profiles or utility bills.
2. Enhance data management by implementing stronger encryption or limiting data collection to necessary information for the service provided
3. Increase transparency and user control by explaining data collection practices clearly and enabling users to opt-in or opt-out of specific practices
4. Partner with regulators to establish responsible data management and identity verification guidelines. This will ensure that the industry operates in a manner that promotes user trust and financial inclusion.
5. Educate users about the impact of Google's policy change on the services they use. This will alleviate confusion and anxiety and promote user trust in the services provided.

For Regulators:

1. Mandate fintech lenders and identity management services to disclose their personal data usage and collection. This will address user concerns about privacy and security.
2. Establish minimum data standards for fintech loan applications and identity management services to ensure effective and responsible data usage.
3. Establish and enforce identity verification guidelines to ensure precise and consistent loan decisions.
4. Monitor the impact of enforcing the policy change on users in regions where access to traditional credit is limited.
5. Engage with industry stakeholders, including fintech lenders and identity management services, to comprehend the policy change implications and identify potential solutions.

In conclusion, prioritizing privacy and data security is crucial to prevent privacy violations that can hinder the uptake of financial services. Fortunately, alternative methods are available to verify identity, assess creditworthiness, and guarantee loan repayment without compromising user privacy. By working together, ecosystem stakeholders can ensure that the industry operates in a manner that promotes user trust and financial inclusion.