I'm a member of the hi:project http://hi-project.org/ (click 90 sec. video).
Today's newsletter had interesting links to open banking API initiatives:
"Retail banks. Her Majesty's Treasury, ably supported by the Open Data Institute, is progressing an open banking API. With the involvement of the Open Bank Project, located in Germany. According to the trade newspaper American Banker, "U.K. Push for Open Bank APIs Makes U.S. Look So Last Century."
I don't know what the HM Treasury will
conclude after their open banking API "Call for Evidence" but I can see dark clouds for
hi:proj, decentralization, and VRM if the Open Bank Project and the American
Banker articles are the path. The problem is that these articles promote
an app store controlled by the bank rather than the individual. This
effectively shuts out open source apps and introduces a rent-seeking app
certification process controlled by the bank just like the control by
Apple or Google through their app-store. Now, to be sure, I have no problem
at all paying my bank a transaction fee for checks or API access. I do
however have a big problem if my bank restricts who I can send a check
to or what app can connect to my account.
This is exactly what I am directly involved in with healthcare APIs in the
US. Here, for example, is my testimony a couple of weeks ago: https://www.healthit.gov/FACAS/sites/faca/files/APITF_Testimony_AdrianGropper_2016-01-28.pdf
The ability to grant unconstrained third party
access to an API that is all over the HM Treasury call is absolutely
essential to decentralization and, I would claim, VRM. This is what UMA and HIE of One are all about.
It's much easier in US healthcare because US law treats access to
patient data as a "right" and will likely impose a corresponding "duty"
to respect an individual's right to specify their "agent" for access to
the API. In the HIE of One (and hopefully HEART) approaches, the individual
specifies the UMA-standard Authorization Server and that Authorization
Server, acting as my agent, has sole discretion over what app and what app
user can see my data (or is it midata?) at the hospital or the bank.