Digital Transactions Authoritative, insightful and timely information for payments professionals
A moonshiner’s case from almost 50 years ago could have an effect on the future of open banking.
In 1973, firemen and a sheriff’s department responding to a warehouse fire found a 7,500-gallon-capacity distillery and 175 gallons of whiskey. The problem was no one had paid any taxes on the whiskey.
This led the Bureau of Alcohol, Tobacco and Firearms to subpeona the bank records of the man renting the warehouse. He made pretrial motions to suppress the bank records, arguing they were his private records and protected by the Fourth Amendment.
By 1976, the case had made it to the Supreme Court. In United States v. Miller, the Court held that the bank records were legally subpoenaed and could not be suppressed. The interesting part is why they ruled that way. The Court wrote that “[o]n their face, the documents subpoenaed here are not respondent’s ‘private papers.’… Instead, these are the business records of the banks.”
Some banks have made similar arguments about handing over records to fintechs through open-banking arrangements. Their argument is that the records are their property, not just consumer information.
The majority opinion in Miller discusses how the checks used by the defendant are not private papers but “negotiable instruments to be used in commercial transactions.” This case was decided before the concept of open banking existed, but it is not hard to extend the argument and argue that the information banks hold about their clients’ financial activities, at least in part, exist only because the bank itself exists. So, it is not purely customer data.
The Consumer Financial Protection Bureau finalized its first open-banking rule in October of last year. The rule was required under Section 1033 of the Dodd Frank Act of 2010. It was subject to an immediate lawsuit in the Eastern District of Kentucky by banking trade associations. When the new administration arrived in January, it sought to end the lawsuit by announcing that it would vacate the rule.
The courts granted the fintech trade associations permission to keep fighting for the rule. That an agency is free to rewrite its own rules didn’t seem to matter at the time. But in response, the CFPB asked and received from the district court a motion to stay the proceedings while it writes a new rule.
In its request on July 29, the Bureau said it would “engage in an accelerated rulemaking process” and have a revision in three weeks. It left itself some room by saying that it planned to engage with the public and that it would file status reports every 90 days. So, it seems they expect there could be delays.
One major issue the new rule needs to address is whether and how much banks can charge for access to their data rather than being expected to pay to build systems to help competitors take data out of the bank. Chase started the negotiations when it announced it would begin charging fintechs for access to its system.
While the Miller case can’t completely resolve the questions around this later case, it does provide a starting point for the banks to argue they have an ownership stake in the information the fintechs want them to provide.
Other issues will fall outside the ownership question, such as how much liability data providers will have once they share the data and how soon they must delete the data they request on behalf of the customer. But by establishing their stake in that data, financial institutions can make an argument for more controls on sharing it.
—Ben Jackson bjackson@ipa.org
