Personal Finance 💸

77 readers

1 users here now

US-centric community for content related to consumer retail banking, credit, & investment.

founded 2 years ago

MODERATORS

🤖🕵→🏦 AI bot needed to harvest the privacy policies, app permissions, and Tor-hostility of all banks in a given country and rank them (🎓 good student project) (lemmy.sdf.org)

submitted 1 day ago by evenwicht@lemmy.sdf.org to c/personalfinance@sopuli.xyz

6 comments fedilink hide all child comments

cross-posted from: https://lemmy.sdf.org/post/48532948

Banks are on an unstoppable uncontrolled trajectory in pursuit of KYC over-achievement. That is, they over-collect far more data on people than legally required (before it gets leaked to criminals in data breaches). Banks’ privacy policies are rife with anti-consumer weasel words.

It’s such a shit-show that privacy proponents have no real choice other than to quit banks and operate entirely with cash. Not many people have that level of discipline.

Software can turn this situation around. For example, there are ~6000 privacy-abusing banks and credit unions in the US. If a robot harvests all the privacy policies, fetches AOS apps to check permission reqs, records those with websites MitMd by Cloudflare, and uses all that info to find the lesser of evils, consumers can participate in creating a competition for privacy (as opposed to a competition of meaningless soul-selling fractions of a percent of interest earnings). The heart of the problem is banks are only getting pressure from the side of oppressors and tyranny and no pressure from the side of the people they purport to serve. Software and data can remedy this.

Worth noting that long before the AI bubble started, a university in the US studied bank privacy policies in bulk using a scraper bot that just looked at the standardised privacy disclosure forms for which all banks must conform to a standard layout. The data has rotted by now so their research is not of much use.

top 6 comments

sorted by: hot top controversial new old

[–] actionary@slrpnk.net 2 points 1 day ago* (last edited 1 day ago) (2 children)

This is not a bad idea. I don't know why you're being downvoted so much. Lots of people hate corpo LLM, understandably. But then when someone try to use LLM for user benefits against the corpo? The people here... still hate it. I never understood why.

[–] TragicNotCute@lemmy.world 3 points 1 day ago (1 children)

He said the no-no word and the brainless anti-AI masses swarm to downvote without engaging or discussing. Par for the course here unfortunately.

[–] evenwicht@lemmy.sdf.org 1 points 1 day ago (1 children)

I think there is also widespread support for KYC-overachieving banks -- because there seems to be no pushback from consumers. I think most people believe only criminals need privacy and they are happy to let banks snoop without warrant or restraint to catch the bad guys. They give banks whatever data they ask for and answer their interrogations without hesitation.

So I really can’t be sure to what degree the contempt for my idea is anti-AI hysteria or pro-KYC boot licking.

[–] TragicNotCute@lemmy.world 2 points 1 day ago

I’d bet money it’s way more blind anti-AI than pro-KYC.

[–] evenwicht@lemmy.sdf.org 1 points 1 day ago

I’m definately in the corpo AI hating group myself because it really looks bleak for LLMs controlled by NGOs and tiny operations. It looks like we must choose between licking the boots of a tech giant to get chatgpt-like service, or be excluded.

There are exceptions though for some services. I run argos-translate to do offline language translations using FOSS. It’s entirely free world stuff. I wonder if the answer is to promote argos-translate while spotlighting that it’s an LLM that you can self-host.

[–] okwhateverdude@lemmy.world 1 points 1 day ago

FWIW, as someone working in fintech in the EU, that "KYC over-achievement" is not as overzealous as you think it is. Each of those pieces of data are very useful at making fraud very expensive for the fraudsters. They need to burn a lot of capital to compromise people or fabricate personas.

And, at least at my place of employment, we take the PII protection very seriously because of GDPR.