A FINTECH - PRIVACY AND DATA PROTECTION COLLISION COURSE? A CRITICAL DISCUSSION OF MOBILE PHONE FINANCIAL SERVICES APPS AND UK DATA PROTECTION ACT 2018 PROVISIONS

Abstract

The phenomenon of AI, ML and Big Data, has captured the world with the novel possibilities of their implications which have allowed all kinds of services and products to advance to unfathomable extents. One industry that has been one of the chief beneficiaries of the advancements offered by the advent of AI, ML and Big Data is the industry of financial services. The information technology age has led to the creation of financial technology, colloquially referred to as "Fintech" which has sought to digitise the entirety of financial services since its inception. The advents of Big Data, Machine Learning and AI have further boosted the potential of the "Fintech" phenomenon. It has increased its capabilities to unimaginable levels and has accomplished the difficult task of bringing access to financial services to a larger population. However, such high levels of automation incorporated into the financial services come with their own caveat, as financial services have not always been an area of completely objective decision making, and subjective decision making like a human is yet a doubted ability for AIs. Furthermore, a bigger question is raised regarding the protection of consumer data in such a system that depends on its feeds of vast amounts of data to deliver better services. In acknowledgement of this, regulations have constantly amplified and evolved their efforts to regulate these industries that process large amounts of personal data of their consumers in order to protect the consumers from vulnerabilities resulting from breach of personal data. In this pursuit several regulations have been put in place such as the GDPR the principles of which were implemented through the DPA 2018 in the territories of England and Wales. However, studies analysed in this study point towards the inadequacy of merely the provisions of these frameworks. Therefore, in order to evaluate the course of personal data protection, this study evaluates case laws that shape the approach of the legal system in the United Kingdom with regards to the protection of personal data and the remedies available to the data subjection