ebook img

FinTech And Data Privacy In Germany: An Empirical Analysis With Policy Recommendations PDF

135 Pages·2019·8.389 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview FinTech And Data Privacy In Germany: An Empirical Analysis With Policy Recommendations

Gregor Dorfleitner Lars Hornuf FinTech and Data Privacy in Germany An Empirical Analysis with Policy Recommendations FinTech and Data Privacy in Germany fl (cid:129) Gregor Dor eitner Lars Hornuf FinTech and Data Privacy in Germany An Empirical Analysis with Policy Recommendations GregorDorfleitner LarsHornuf CenterofFinance FacultyofBusinessStudiesandEconomics UniversityofRegensburg UniversityofBremen Regensburg,Germany Bremen,Germany ISBN978-3-030-31334-0 ISBN978-3-030-31335-7 (eBook) https://doi.org/10.1007/978-3-030-31335-7 TranslationfromtheGermanlanguageedition:FinTechundDatenschutzbyGregorDorfleitnerandLars HornufCopyright©SpringerFachmedienWiesbadenGmbH,einTeilvonSpringerNature2019.All RightsReserved. ©SpringerNatureSwitzerlandAG2019 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthe materialisconcerned,specificallytherightsoftranslation,reprinting,reuseofillustrations,recitation, broadcasting,reproductiononmicrofilmsorinanyotherphysicalway,andtransmissionorinformation storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodology nowknownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. The publisher, the authors, and the editorsare safeto assume that the adviceand informationin this bookarebelievedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsor theeditorsgiveawarranty,expressedorimplied,withrespecttothematerialcontainedhereinorforany errorsoromissionsthatmayhavebeenmade.Thepublisherremainsneutralwithregardtojurisdictional claimsinpublishedmapsandinstitutionalaffiliations. ThisSpringerimprintispublishedbytheregisteredcompanySpringerNatureSwitzerlandAG. Theregisteredcompanyaddressis:Gewerbestrasse11,6330Cham,Switzerland Foreword FinTech has become one of the keywords associated with the digitalization of the financial sector and the data-driven economy more generally. In contrast, data protection was certainly a legal keyword in 2018, the year the General Data Protection Regulation (“GDPR”) became binding. It follows that research at the intersectionofFinTechservicesanddataprotectionlawpromisestobeparticularly excitingduetoalargenumberofunansweredquestionsregardingtheirinteraction. This book provides an important first step in examining related issues from an empiricalperspective. Thebookprovidesthereaderwithanempiricaloverviewofthesubstanceofthe data protection policies of numerous FinTech companies. Despite the fact that financialdataassuchisnottoberegardedassensitivedataundertheGDPR,such data nevertheless revealsa lot of important,and oftentimes indeed sensitive, infor- mationaboutusers.Itisoftenonlythroughaccesstofinancialdatathatacompany receivesinformationaboutourpreferences,habits,orlocation.Thismakesthistype ofdataparticularlysought-afterbutalsoinneedofprotection.Afteranintroductory presentation of FinTech players in Germany, the authors turn to consider how FinTech companies have implemented their data protection policies. To this end, the data protection statements of more than 500 FinTech companies are analyzed downtothesmallestdetail.Whilethethirdchapterconcentratesonthetimeperiod fromOctobertoDecember2017,Chap.4dealswiththeshortperiodaftertheGDPR became binding. The book closes with an overview of the numerous FinTech business models and questions regarding the regulatory needs of the German FinTechmarket. Whatisparticularlynoteworthyaboutthisbookisthespeedwithwhichthetwo authors have carried out their research. Empirical research on data protection is of immense importance. For example, it gives us answers to questions such as how legislation has been implemented in practice and whether legislative requirements are being followed properly by their respective addressees. Furthermore, the con- creteeffectsofdataprotectiononthedata-driveneconomybecomeapparent.Thisis particularly relevant when evaluating whether the GDPR has achieved its desired effects. Of course, there were still some uncertainties about the implementation of v vi Foreword theGDPRduringtheperiodthatisanalyzedinthisbook.Thisfeelingofuncertainty did not only affect FinTech companies but was also evident across all sectors. For instance, a study carried out by the German digital association Bitkom (2018) underlined that even four months after the GDPR became binding only a quarter of the participating companies deemed that they had fully implemented all legal requirements.Asaresult,thecompetentdataprotectionauthoritieswerealsorather cautiousintheirenforcementofviolationsandtheassociatedpossibilityofimposing fines. To account for further developments in this domain, subsequent empirical studieswillbenecessary.Inanyevent,theauthorsofthisbookshouldbecongrat- ulated for taking on this important work, which will hopefully inspire future research. Munich,Germany MichèleFinck 16July2019 Reference Bitkom. (2018) 3 von 4 Unternehmen verfehlen die Frist der Datenschutz- Grundverordnung, Pressemitteilung vom 17.05.2018, Bitkom e.V. Retrieved from https://www.bitkom.org/Presse/Presseinformation/3-von-4-Unternehmen- verfehlen-die-Frist-der-Datenschutz-Grundverordnung.html Contents 1 Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 References. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2 PlayersintheGermanFinTechIndustry. . . . . . . . . . . . . . . . . . . . . 3 2.1 SegmentsoftheFinTechIndustry. . . . . . . . . . . . . . . . . . . . . . . 3 2.2 TheGermanMarket. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3 GeneralMarketTrends. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 References. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 3 FinTechsandDataProtection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 References. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 4 FinTechsandDataProtectionAftertheImplementation oftheGDPR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 Reference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 5 FinTechBusinessModels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 5.1 CooperationwithBanks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 5.2 FieldsofApplicationandUsesofBigDataatFinTechs. . . . . . . 94 5.3 AnalysisoftheSustainabilityofFinTechBusinessModels. . . . . 98 5.4 FinTechswithaDebtCapitalFocus. . . . . . . . . . . . . . . . . . . . . . 104 References. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 6 NeedForRegulationintheGermanFinTechMarket. . . . . . . . . . . . 107 References. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 7 SummaryinElevenTheses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 AppendixA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 vii About the Authors and the Project GregorDorfleitner pursuedgraduateworkinelectricalengineeringattheBaden- Wuerttemberg Cooperative State University Ravensburg and in mathematics and businessadministrationattheUniversityofAugsburg.HereceivedhisPhDin1998 andsubsequentlycompletedhishabilitationinthefieldofbusinessadministrationin 2003attheFacultyofBusinessandEconomicsofthesameuniversity.From2004 until2007,hewasafullprofessoroffinanceatViennaUniversityofEconomicsand Business.Since2007,hehasheldachairinfinanceandhasbeenthedirectorofthe Center of Finance at the University of Regensburg. Since 2010, he has been an associateresearcherattheCentreforEuropeanResearchinMicrofinance(CERMi) in Belgium. He has published more than 60 articles in internationally renowned scientificjournals.Hisresearchfocusesonsustainableinvestments,microfinancing, and FinTech, among others. He has worked on numerous projects related to FinTechs,textanalytics,andsustainableinvestmentsandhasraisedexternalfunding forseveralscientificprojectsfromtheDeutscheForschungsgemeinschaft,theFritz Thyssen Stiftung, and the German Ministry of Finance. The WirtschaftsWoche rankedGregorDorfleitnerinthecategoryoflifetimeachievement inthetop5%of researchersinbusinessadministrationwithintheGerman-speakingarea. Lars Hornuf completedhisPhDineconomicsattheLudwigMaximilianUniver- sity(LMU)ofMunichin2011andsubsequentlyreceivedhishabilitationinthefield ofbusinessadministration in2019attheUniversityofRegensburg.Previously,he was a junior researcher at the Ifo Institute for Economic Research and a research associateattheInstituteofInternationalLawatLMU.Hehasbeenavisitingscholar atUCBerkeley,StanfordLawSchool,DukeUniversity,GeorgetownUniversity,the CESifo, and the House of Finance at Goethe University Frankfurt. In 2014, he becameanassistantprofessoroflawandeconomicsintheDepartmentofEconomics ofTrierUniversity.Since2016,hehasbeenanaffiliatedresearchfellowattheMax PlanckInstituteforInnovationandCompetition.Recently,LarsHornufbecameafull professorofbusinessadministrationspecializingintheareasoffinancialservicesand financial technology at the University of Bremen and an affiliate member of the ix x AbouttheAuthorsandtheProject CESifoResearchNetwork.HehasworkedonnumerousprojectsrelatedtoFinTechs and raised external funding from the Deutsche Forschungsgemeinschaft and the GermanMinistryofFinance,amongothers.HisresearchinterestsincludeFinTech, lawandfinance,andbehavioralscience.MediaincludingTheEconomistandForeign Policyhavereportedonhisresearchfindings. This bookis mainly based on two studies (Dorfleitnerand Hornuf,2018a, 2018b). ThesestudiesarepartoftheABIDAprojectandaresupportedwithfundsfromthe GermanMinistryofEducationandResearch(fundingreference01IS15016A– F).Thecontentofthebooksolelyreflectstheopinionsoftheauthorsanddoesnot necessarily reflect the views of the Ministry or those of the individual project partners.ABIDAexploressocialopportunitiesandrisksofthegeneration, linking, and analysis of data and develops options for political action, research, and development. References Dorfleitner, G., & Hornuf, L. (2018a). Neue digitale Akteure und ihre Rolle in der Finanzwirtschaft: Eine Analyse des deutschen Marktes unter besonderer Berücksichtigung von Datenschutzaspekten. ABIDA – Externe Gutachten. Retrieved from https://epub.uni-regensburg.de/37203/1/Gutachten_ABIDA_ Neue_Digitale_Akteure_Finanzwirtschaft.pdf Dorfleitner, G., & Hornuf, L. (2018b). Analyse der Datenschutzerklärungen deutscher FinTech-Unternehmen nach Einführung der DSGVO. ABIDA – Externe Gutachten. Retrieved from http://www.abida.de/sites/default/files/ ABIDA_Folgegutachten_Fintech_DSGVO.pdf List of Figures Fig.2.1 FinTechsegments..................................................... 4 Fig.2.2 FinTechsinGermanybysegments.................................. 6 Fig.2.3 VolumeofselectedFinTechsegmentsin2016.................... 7 Fig.2.4 AnswerstothequestionoftechnicalinnovationsbyFinTechs... 10 Fig.3.1 Frequencyofusingaprivacystatement............................. 15 Fig.3.2 Lawapplicabletodataprocessingifaforeignlawwasexplicitly mentioned.............................................................. 16 Fig.3.3 Frequencyofprivacystatementsnotingthatpersonal orpersonallyidentifiableinformationisbeingprocessed......... 17 Fig.3.4 Frequencyofprivacystatementsthatnotewhatpersonaldata areprocessed.......................................................... 18 Fig.3.5 Reasonsthatpersonaldatawerenotlistedexhaustively........... 19 Fig.3.6 Typesofpersonaldataprocessedaccordingtotheprivacy statement............................................................... 20 Fig.3.7 Typesofpersonaldatacollectedinacompanycontextthat areprocessedaccordingtotheprivacystatement.................. 20 Fig.3.8 Typesofpersonaldataprocessedaccordingtotheprivacy statementinthefinancingsegment.................................. 21 Fig.3.9 Typesofpersonaldataprocessedaccordingtotheprivacy statementinthepaymentsegment................................... 22 Fig.3.10 Typesofpersonaldataprocessedaccordingtotheprivacy statementintheassetmanagementsegment........................ 23 Fig.3.11 Typesofpersonaldataprocessedaccordingtotheprivacy statementintheinsurancesegment.................................. 24 Fig.3.12 Typesofpersonaldataprocessedaccordingtotheprivacy statementintheotherFinTechssegment........................... 25 Fig.3.13 Specialcategoriesofpersonaldataprocessedaccording totheprivacystatement.............................................. 25 xi

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.