German Bank Fined for Illegal Customer Profiling

Hamburg's Data Protection Authority has fined German savings bank Hamburger Sparkasse (Haspa) EUR 200k, for illegally profiling its customers, and allowing its customer services rep access to this data.

The customer character profiles - collated without first obtaining customer permission - were based on neurological research and contained socio-demographic data, along with information about product usage, deposit accounts, and the number of transactions made.

These profiles were made accessible to customer services reps and were compiled without first obtaining customer consent.

According to Prof. Dr Johannes Caspar (pictured), Head of Hamburg's Data Protection Authority: 'The bank collected very sensitive data that revealed a great deal about its customers, and the fine was based on this violation of data protection law.'

While cautioning against the use of modern neuromarketing tactics to 'exploit' customers, Caspar said that Haspa has now put in place an amended technical procedure that complies with German data protection law; the illegally created customer profiles have been deleted; and the bank's reps no longer have access to such data.