Facebook forbids banks from using its users data when applying for a loan | Does it?

  • junio 14, 2016
  • Jorge Morell Ramos

Síguenos en |     

What if your network of friends from Facebook could decide your eligibility for a loan?

Last week a British startup called Score Assured, from the real-estate market, got on the news thanks to the particular service that offers: if a user agrees, the service scans the Facebook account of the user (as well as some other social networks) to show the landlord how probable it is that the potential tenant may pay the rent.

In other words, a twenty-something wants to rent a house. Due to its age, its still limited credit history does not  help to value if or for how long can he/she assume the obligation to pay for a rent. However, its vast digital life provides plenty of clues about its standard of living and from its friends. Therefore, the landlord of the house that he or she wants to rent may hesitate about its ability to pay for it. That being the case, the landlord asks the potential tenant for a report of its digital life, so that extra info can be used to make a better decision.

Science fiction? No, a reality. Our digital profiles are constantly growing and little by little the data pool is becoming huge. That data pool can be useful to find out about our cinematographic preferences or the time of the year when our income increases. The thing is that if the first piece of info comes in handy for some companies, the other one too.

In any case, although this service has stirred up some controversy, to properly function it requires the consent from the user. That means that the potential tenant voluntarily agrees to the scanning of its social media accounts. Having said that, what would happen if a social network were 1/7 of mankind is already a member, uses the huge amount of data gathered about us for something similar? Specially, if it does making use of the consent that we already gave when we signed up. Yes, we are talking about Facebook and what the future holds in store for us in relation to the use of our data. Although in fact, in some cases this is already happening .

In May 5th of 2016, Facebook updated its Platform Policy, the terms that establish the use of the platform and its data by the developers, to add this:


This change, detected thanks to the Tracker of Terms and Conditions, adds paragraph 15 to the section related to «Data Protection». According to the new paragraph, a developer who uses the Facebook platform cannot gather data from the users to later decide according to it: the eligibility of a user, the rejection or approval of an application or how much interest to charge on a loan.

Therefore, the wording of this new paragraph seems to be focused on the financial institutions («interest» and «loan»), as well as insurance companies («eligibility» and «application»). In addition, taking into account the previous paragraph (number 14 is related to apps that use data from the network of friends to establish social connections), it seems to say:

«If you are a financial/insurance company whose app gathers data from a Facebook user, such as the network of friends, do not use that data to establish if the user is eligible for an insurance, if you will approve or reject a credit application or the level of interest that you will charge on a loan».

But was something like this already happening? Yes, mainly in the financial industry and through Big Data used for real. For example, thanks to it now we know that student loans have more options of being paid if the user has plenty of addresses on its profile. Having said that, if those addresses change regularly, the payment is less likely.

Another example is the article «May Facebook help us to get credit?» (in Spanish) that points out this:


And let’s not forget companies already working on it, such as Kreditech.

Therefore, if we apply these same Big Data techniques in what probably is the biggest pool of personal data in the world, Facebook, it will obviously be useful for more than getting recommendations on the new Candy Crush levels. The companies know it and Facebook too.

Well then, we should be glad that Facebook is limiting those uses, right? Yes… but maybe there is something going on behind the curtains.

If Facebook in May 2016 prevented financial and insurance companies to use the data of its users to measure the eligibility of an application or the interest rate to charge on a loan, why in August 2015 did Facebook obtained a patent in USA to do exactly that?

In other words, that patent explains how Facebook can analyze your network of friends and according to the analysis to authorize the user one way or another. So, the patent seems to be focused on the idea of authentication and spam detection.

However, the peculiarity of the patent stands out from one of the examples. According to it, this patent could allow Facebook letting a bank to analyze my network of friends when applying for a loan. If too many of my friends have a bad credit history, that could imply the rejection of my application (even although my credit history is appropriate).

In light of these two facts, different scenarios can be considered:

A) Is Facebook banning banks to do this so it can be the only one who manages this use of the information? After all, Facebook is already using our information to commercialize ads. So, maybe this could be a new business model for them.

B) Or in fact, is Facebook banning these type of practices because they are not appropriate? In the end, Facebook patented the idea almost a year ago. So, maybe Facebook has been toying with it during this time. And let’s not forget how Facebook loves to experiment with its users without talking about it (in Spanish).

C) Or maybe Facebook got the patent and then blocked its use to prevent startups from USA to do something similar in the future. Something like: «I won’t do it, but I don’t want anyone else doing it». All in all, the patent gives them the option to do it themselves, if Facebook thinks so.

In any case, one thing is Facebook allowing advertisers to target me with pinpoint accuracy. Another one is Facebook getting into the financial sector so it can be used to consider the debit balance of a user. Becoming something along the lines of a credit Bureau, such as the Spanish public institution CIRBE.

Having said that, it seems like this new «feature» would not be easy to sell to users.

But anyway, let’s say that something like this finally happens. How should it be contemplated and what problems could generate when in practice?

First of all, we don’t know how Facebook would deploy something like this. Would everything depend on the user? Would Facebook sell the data to third parties? Or maybe the financial institutions would be able to make a timely use of the information? Something along the lines of: This person is applying for a loan. The bank considers that it needs more info to make a decision. The bank asks Facebook to get that extra data from that user (for example from its network of friends).

Something like this could cause a serious discrimination problem, taking into account that the final decision about the rejection or approval of the loan could be related to my network of friends, where I live or the jobs of my  acquaintances. What in practice would condition a group of people disproportionately.

In second place, Facebook should be very clear and transparent about the use of my data with such a purpose. Obviously, the current Policy Data says nothing about this kind of use. But if something like this someday becomes a reality, it would suppose the introduction of an information service about capital solvency and credit balance in Facebook. In Spain, and according to article 29.1 of Ley Orgánica 15/1999 de Protección de Datos (Data Protection Law), on general terms that would require the consent of the user. And one on capital letters.

In addition, there would be obligations related to information, access and data veracity.

On the other hand, although this type of practice sounds kind of invasive at first and there are serious legal questions to ponder, we should not dismiss this by default. The thing is that not in every country is easy for someone to show proof of a credit history. Meaning that the information from our digital history can become a valid indicator. That is why companies such as Lenddo, who is trying to reinvent consumer credit using non traditional data in emergent economies around the globe, are a reality.

In summary, Facebook has patented a system to allow a bank the analysis of our network of friends and according to that info, to obtain an extra piece of information to consider the rejection or approval of a loan. Almost a year after that, Facebook bans financial and insurance companies to exploit the data from its users to determine the interest rate or eligibility of a user when applying for credit. Is just a coincidence that Facebook now prevents third parties from doing that, taking into account that a year ago patented something very similar?

For the time being, Facebook is not using our data to do something as what has been described (as far as we know). In any case, if Facebook someday wants to do something like this, it should change quite a few things and would definitively cause some uproar. Having said that, there are already companies that use this information to consider the distribution of credit. But those companies are always asking for consent from the user.

All in all, although this is still quite an on-going debate, it proves the usefulness of this type of data processing in some cases and contexts.

Therefore, is this what the future holds in store for us? If truth be told, this is already a reality. So, maybe the question to ask would be, will we get use to it? Time will tell.

Happy facebooking!