Author: MD Nasiur Rahaman Khan
College: St. Joseph’s College of Law, Bengaluru, Karnataka
LinkedIn Link: https://www.linkedin.com/in/md-nasiur-rahaman-khan-3930b5264
1. Abstract:
The growth of digital banking has fundamentally changedthe relationship between individuals and financial institutions. From UPI payments to online banking to credit card transactions to investment platforms, almost every financial activity today leaves a permanent digital footprint. Banks routinely collect, process, and monitor vast amounts of customer information for purposes such as fraud prevention, regulatory compliance, anti-money laundering measures, and risk assessment. While these mechanisms have improved efficiency and financial security, they have also raised serious concerns about informational privacy and data protection.
The increasing ability of banks to map an individual’s spending habits, financial relationships, and behavioural patterns has given rise to what may be described as a “financial panopticon” a system in which citizens are perpetually visible through their transactions. This development raises important constitutional questions concerning privacy, autonomy, and the limits of surveillance under Article 21 of the Constitution of India. My article argues that although financial surveillance is often justified in the interests of security and regulation, modern banking is gradually changing financial privacy into an illusion rather than a meaningful right.
2. To the Point
In 1787, Jeremy Bentham proposed the idea of the Panopticon which is a circular prison with a central watchtower from which inmates could be observed without ever knowing when they were being watched. Its genius lay not in constant observation but in uncertainty. As Bentham wrote:
“The more constantly the persons to be inspected are under the eyes of the persons who should inspect them, the more perfectly will the purpose of the establishment have been attained.”
The principle was simple: if individuals believe they may be watched at any moment, they begin to regulate their own behaviour. Modern banking presents an unsettling parallel with this.
Every UPI payment, credit card transaction, ATM withdrawal, investment, donation, loan application, and online purchase leaves behind a digital footprint. Individually, these transactions may appear insignificant; collectively, they form a remarkably detailed portrait of a person’s life. Banks may know where we travel, what we consume, our financial vulnerabilities, our medical expenditures, and even aspects of our social and ideological preferences. This raises an uncomfortable question: are bank customers becoming the inmates of a financial panopticon?
The concern is not that banks collect information; because some degree of monitoring is required for preventing fraud, money laundering, and financial crime. The concern is that individuals increasingly live within systems of financial observation whose scope they neither negotiate nor fully comprehend. If every transaction can be recorded, analysed, and preserved, then financial privacy may no longer be a lived reality but will remain an assumption. The modern citizen may possess complete freedom to spend, donate or invest, and transact. Yet the knowledge that every financial decision leaves a permanent trace creates a paradox of digital finance: we remain economically free, but increasingly transparent.
3. Use of Legal Jargon
3.1 Banker-Customer Relationship
The banker-customer relationship has traditionally been founded upon trust and confidentiality. Banks are not merely custodians of money; they are custodians of highly sensitive financial information. Although the Banking Regulation Act, 1949 primarily governs the regulation and functioning of banking institutions, banking law has long recognised an implied duty of confidentiality owed by banks to their customers. Financial records often reveal far more than account balances, they disclose an individual’s habits, priorities, relationships, and economic vulnerabilities. Consequently, confidentiality has emerged as one of the fundamental obligations of modern banking.
3.2 Right to Privacy under Article 21
The right to privacy, recognised as a fundamental right under Article 21 of the Constitution of India, extends beyond physical privacy and includes informational privacy as well. Financial information forms an integral part of an individual’s personal autonomy because patterns of expenditure, investments, donations, and borrowing behaviour often reveal intimate aspects of human life. In the digital age, privacy is no longer merely the right to be left alone; it is increasingly the right to exercise control over personal information.
3.3 Data Protection and the Processing of Financial Information
The Digital Personal Data Protection Act, 2023 seeks to regulate the collection, processing, and use of personal data, including financial information. Banks routinely process huge quantities of customer data. Such processing may include transaction histories, credit profiles, account activity, and behavioural information generated through digital banking platforms. The legislation emphasises lawful processing, purpose limitation, and accountability, thereby recognising that personal data possesses economic value and requires legal protection.
3.4 Anti-Money Laundering Framework
The Prevention of Money Laundering Act, 2002 (PMLA) imposes extensive reporting obligations upon banks and other financial institutions. Through mechanisms such as Know Your Customer (KYC) requirements, Customer Due Diligence (CDD), and Suspicious Transaction Reports (STRs), banks are expected to identify and report activities indicative of money laundering, terrorism financing, and other financial crimes. Consequently, modern banking institutions no longer perform merely commercial functions; they increasingly operate as gatekeepers of financial surveillance and compliance.
3.5 RBI Directions and Data Retention
The Reserve Bank of India’s KYC Directions require financial institutions to verify customer identities, continuously monitor transactions, and retain records for prescribed periods. These obligations are designed to strengthen financial integrity and combat illicit transactions. However, they also contribute to the creation of extensive repositories of financial information capable of revealing an individual’s economic behaviour over prolonged periods. The contemporary banking system is therefore characterised by both financial convenience and persistent observation.
3.6 Surveillance and Consent
Perhaps the most difficult legal question concerns consent. Do customers genuinely consent to the collection and processing of their financial data, or do they merely accept terms and conditions because participation in modern banking leaves little practical alternative? In reality, most individuals do not negotiate privacy policies or meaningfully understand the extent of data sharing and retention practices. They simply click “I Agree.”
Consent that is uninformed, unavoidable, or poorly understood raises significant questions regarding autonomy and informational self-determination. In the age of digital finance, the challenge is no longer whether surveillance exists; it is whether citizens have meaningfully chosen to live under it.
4. The Proof
4.1 The Architecture of Banking Surveillance
Modern banking no longer records transactions; it records patterns. A single transaction may reveal little, but thousands of transactions over time create an extraordinarily detailed behavioural pattern. Financial records can indicate where an individual travels, the hospitals they visit, the educational institutions they pay, the charities they support, the places of worship they contribute to, and even periods of financial distress or prosperity.
Consider an ordinary customer. Frequent payments at pharmacies may suggest medical conditions. Donations to certain organisations may reveal political or ideological preferences. Payments to travel agencies may indicate movement patterns; while recurring subscriptions and purchases may disclose lifestyle choices and social habits. The sum of these transactions creates a financial biography.
Data, therefore, is no longer merely information; it is inference. The true power of banking surveillance lies not in knowing what a person did yesterday, but in predicting what they may do tomorrow.
4.2 The Financial Panopticon
The idea of the Panopticon was originally proposed by Jeremy Bentham as a prison design in which a single observer could potentially watch all prisoners without the prisoners knowing when they were being observed. Michel Foucault later transformed the concept into a theory of modern power. The brilliance of the Panopticon lies in uncertainty: the prisoner never knows when he is being watched and therefore behaves as if he is always watched.
Modern banking increasingly resembles this model.
Most individuals do not know who may access their financial information, how long such information is retained, or how extensively it may be analysed. Yet they are aware that transactions can be monitored, reported, and scrutinised. This possibility of observation alters behaviour. Individuals become conscious that every financial decision leaves a permanent trail.
The question therefore becomes uncomfortable but necessary: are bank customers becoming permanent financial prisoners of observation?
The contemporary citizen may not live in a prison of concrete walls, but increasingly lives within a network of invisible financial observation where every payment contributes to a constantly expanding profile of their economic behaviour.
4.3 Why Surveillance Exists
To pretend financial surveillance as inherently malicious would be inaccurate here. Modern financial systems confront sophisticated threats that cannot be addressed without extensive monitoring mechanisms.
Fraud prevention requires the identification of unusual transactions. Anti-money laundering measures seek to disrupt the movement of illicit funds. Counter-terrorism efforts depend upon tracking suspicious financial flows. Tax enforcement mechanisms attempt to prevent evasion, and cybercrime investigations often rely upon transactional evidence to trace digital offenders.
In this sense, surveillance performs a protective function. Society expects banks to detect fraudsters, identify suspicious transactions, and assist in combating organised financial crime. A completely anonymous banking system would likely become a sanctuary for criminal activity.
The dilemma, therefore, is not surveillance versus privacy. The real dilemma is proportionality. How much observation is necessary for security, and at what point does legitimate monitoring become excessive visibility?
4.4 The Illusion of Financial Privacy
Modern banking presents itself as a relationship of convenience and efficiency. Yet convenience often obscures complexity. Few customers know how long their financial information is stored, which entities may access it, what algorithms analyse it, or how behavioural profiling may occur through interconnected financial systems.
The modern customer does not trade privacy for convenience; he often surrenders privacy without ever understanding the bargain.
Financial information now exists within vast ecosystems of data analytics. A transaction does not simply end when money changes hands. It frequently enters systems of storage, and categorisation that remain largely invisible to the ordinary customer.
The greatest illusion of the digital age may be the belief that privacy still exists simply because secrecy exists. A transaction hidden from neighbours or family may nevertheless remain visible to institutions capable of reconstructing a remarkably intimate portrait of an individual’s life.
4.5 Banking Surveillance and Constitutional Anxiety
Financial information is rarely neutral. It can reveal religious affiliations, ideological preferences, medical conditions, social associations, and patterns of personal conduct. Consequently, extensive financial profiling raises constitutional concerns that extend beyond privacy alone.
A person who knows that every donation, contribution, or transaction may be scrutinised may hesitate before supporting certain causes or associations. Financial visibility can produce behavioural caution. Observation may therefore influence autonomy itself.
The concern is subtle but significant. Constitutional freedoms are not threatened only by direct prohibitions; they may also be weakened when individuals alter their conduct because they feel perpetually observable.
This is the deeper anxiety of the financial panopticon I am talking about. Surveillance may begin as a tool against fraud and crime, yet it possesses the capacity to create a society in which citizens internalise observation and modify their behaviour accordingly. The danger is not merely that banks know more about us than we imagine. The danger is that, knowing we are potentially visible, we may slowly become less free than we realise.
5. Case Laws
5.1 K.S. Puttaswamy v. Union of India (2017)
The Supreme Court in K.S. Puttaswamy v. Union of Indiafundamentally transformed Indian privacy jurisprudence by recognising the right to privacy as a fundamental right under Article 21 of the Constitution. The Court expressly acknowledged the importance of informational privacy and recognised that individuals possess a legitimate interest in controlling personal data concerning their lives and activities.
The judgment is particularly significant in this context of banking surveillance because financial information often constitutes one of the most intimate forms of personal data. Spending habits, investments, donations, and borrowing patterns collectively reveal an individual’s identity, preferences, and vulnerabilities. The decision thus establishes an important constitutional principle: informational privacy is not a luxury of the digital age but an essential condition of personal liberty.
5.2 Tournier v. National Provincial and Union Bank of England (1924)
The decision in Tournier v. National Provincial and Union Bank of England remains one of the foundational authorities on the banker’s duty of confidentiality. The Court recognised that the banker-customer relationship is inherently confidential and that a bank cannot freely disclose information relating to its customers except under limited and legally justifiable circumstances.
The judgment remains remarkably relevant in the era of digital finance. While modern banks possess unprecedented amounts of customer information, Tournierreminds us that financial data is not merely a commercial asset but a matter of trust. The case reflects a timeless legal principle: individuals deposit not only their money in banks but also their private financial lives.
5.3 District Registrar and Collector v. Canara Bank (2005)
In District Registrar and Collector v. Canara Bank, the Supreme Court held that the right to privacy extends to financial and banking records and that arbitrary access to such information constitutes an impermissible intrusion into the personal liberty. The Court emphasised that privacy protects individuals against unnecessary and disproportionate state interference in matters concerning personal information.
Today bank records are not ordinary documents anymore. They often contain a detailed account of an individual’s economic behaviour and personal choices. The judgment therefore reinforces the principle that access to financial information must be accompanied by legality, necessity, and procedural safeguards.
6. Conclusion
Banks were once institutions where people deposited money. Today, they have become repositories of identity, behaviour, and human patterns. Financial surveillance undoubtedly serves legitimate purposes, from preventing fraud to combating money laundering and cybercrime. Yet a society must remain cautious when security gradually transforms citizens into permanently observable subjects.
Privacy rarely disappears overnight; it erodes quietly through routine disclosures and digital transactions. The biggest irony of modern banking is that our money is still protected behind passwords and encryption, but our financial lives have never been more visible. In making our transactions secure, we may have unknowingly made ourselves transparent.
7. FAQs
Q1. Is financial privacy protected under Article 21 of the Constitution of India?
Yes. Following K.S. Puttaswamy v. Union of India (2017), privacy, including informational privacy, is recognised as a fundamental right under Article 21. Financial information forms an important component of personal autonomy and therefore deserves constitutional protection against arbitrary intrusion.
Q2. Can banks share customer information?
Generally, banks owe a duty of confidentiality to their customers and cannot disclose financial information indiscriminately. However, disclosure may occur where required by law, regulatory obligations, court orders, or in circumstances involving public interest and the prevention of financial crimes.
Q4. What is a financial panopticon?
A financial panopticon refers to a system in which individuals are continuously visible through their financial transactions. Every payment, transfer, and digital transaction contributes to a behavioural profile capable of revealing intimate aspects of a person’s life. The concern is not merely that citizens are observed, but that they may eventually begin to live as though they are always being observed.





