Information and tools to facilitate ethical consumption of goods and services.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

26 KiB

Blacklist part 1: notorious unethical US banks

financial institution political party ALEC CISPA drug testing finances private prisons Tor-hostile environmental abuses other ethical problems
Bank of America ๐Ÿ˜ ๐Ÿ‘Œ (dropped) ๐Ÿšจ ๐Ÿ”Ž ๐Ÿš“ (will stop) ๐Ÿ‘ (& VPN-hostile) (rank=4) fracking, fossil fuel, extreme fossil fuel, Atlantic Coast Pipeline, Dakota Access Pipeline, ultra-deepwater oil & gas projects, Trans Mountain Pipeline Expansion, drilling in Arctic National Wildlife Refuge politically motivated denial of fund transfers; often named "most hated bank" in consumer feedback studies; xenophobic policy and hostile toward immigrants; shamed for dumb password rules; data breach; paid $1 million to the Trump inaugeration; caught snooping on customers and data sharing with the FBI; Privacy policy comparison
Capital One ๐Ÿ˜ ๐Ÿšจ ๐Ÿ‘ sponsors Fox News; spent $20 million on Facebook ads (thus feeding a privacy abuser); uses privacy-abusing Amazon AWS which lead to exfiltration of 100M customer records; shamed for dumb password rules; Privacy policy comparison
Citibank ๐Ÿ˜ ๐Ÿšจ ๐Ÿ”Ž (rank=2) fossil fuel, extreme fossil fuel, ultra-deepwater oil & gas projects, Trans Mountain Pipeline Expansion member of Better Than Cash Alliance thus fights to remove the cash payment option; Citi blocked insulin to 450,000 Venezuelans; Citi blocks account holder access to money if Citibank doesn't like your address; shamed for dumb password rules; data breach in 2005; data breach in 2011; data breach in 2013; Privacy policy comparison
Fifth Third ๐Ÿ˜ ๐Ÿšจ ๐Ÿ”Ž ๐Ÿš“ cbios.53.com is CloudFlared; bank employs 17,744 workers in pro-forced-birth state (OH); Privacy policy comparison
JP Morgan - Chase ๐Ÿ˜ ๐Ÿšจ ๐Ÿ”Ž ๐Ÿš“ (will stop) ๐Ÿ‘+ (rank=1) Arctic oil and gas exploration, fracking, fossil fuel, extreme fossil fuel, Atlantic Coast Pipeline, Dakota Access Pipeline, ultra-deepwater oil & gas projects, Trans Mountain Pipeline Expansion supports Trump; financed nazis; paid $3k per engineer per day to Palantir (thus contributing to family separation at the US-Mexico border); data breach in 2007 (warning: popups, better link needed); data breach in 2014; Privacy policy comparison
PNC ๐Ÿ˜ ๐Ÿ‘Œ ๐Ÿšจ ๐Ÿ”Ž ๐Ÿš“ Atlantic Coast Pipeline caught financing the Cloakroom project; supplies banking service to Charles Schwab; Privacy policy comparison
Suntrust Bank ๐Ÿšจ ๐Ÿ”Ž ๐Ÿš“ Atlantic Coast Pipeline, Trans Mountain Pipeline Expansion employs 24,375 workers in pro-forced-birth state (GA); Privacy policy comparison
TD Bank ๐Ÿšจ ๐Ÿ‘ fossil fuel, Atlantic Coast Pipeline Canadian ownership. Unlike TD Ameritrade, TD Bank was not acquired by Charles Schwab; data breach in 2014
US Bancorp - US Bank ๐Ÿ˜ ๐Ÿšจ ๐Ÿ”Ž ๐Ÿš“ employs 4000 workers in pro-forced-birth state (MS); Privacy policy comparison
Wells Fargo ๐Ÿ˜ ๐Ÿ‘Œ (dropped) ๐Ÿšจ ๐Ÿ”Ž ๐Ÿš“ (will stop) ๐Ÿ‘ (rank=3) fracking, fossil fuel (source 2), Atlantic Coast Pipeline, Dakota Access Pipeline, Trans Mountain Pipeline Expansion supports Trump; sponsors Fox News; caught committing fraud; shamed for dumb password rules; only one large PPP loan given to a black-owned business; accused of charging black and latinx applicants higher rates and fees for home loans; Privacy policy comparison

(๐Ÿ˜) Commercial banks who meddle in politics tend to give disproportionately more to republican candidates (53/43%) and credit unions tend to give disproportionately more to democrats (58/41%), although it's uncommon for credit unions to meddle in politics at all. The elephant (๐Ÿ˜) above indicates that it's confirmed specifically for that bank that it favors republicans. Absence of ๐Ÿ˜ just means I didn't check that bank.

(๐Ÿšจ) the problem with CISPA-- CISPA was a bill to create a system of unwarranted mass surveillance through information sharing between the government and private sector. Congress blocked the bill, but it was later reincarnated as CISA and it passed. The police light (๐Ÿšจ) indicates that the bank lobbied for a police surveillance state in favor of CISPA.

(๐Ÿ”Ž) the problem with drug testing-- Drug testing employees in all cases above entail control over employees lifestyle outside the workplace. And in most cases involving medicinal mj states, the drug test also harms the healthcare of employees by intervening in doctors' prescriptions. The magnifying glass (๐Ÿ”Ž) indicates that the bank mistreats employees by drug testing them.

(๐Ÿš“) the problem with prison financing-- Under the Trump administration, the number of immigrants detained by the US government has skyrocketed. Nearly 75% of those detained are held in private prisons, whose stock prices have soared against the backdrop of Trumpโ€™s zero-tolerance and family separation policies. A Popular Democracy study details which banks are financing private prisons and detention centers, as well as the banks that have made commitments to stop.

(๐Ÿ‘Œ) the problem with ALEC-- ALEC is a huge right-wing political bill mill and lobby that puts corporate interests above the interest of human beings, as it fights gun control, fights healthcare, fights immigration, fights unions, fights public education, fights women's rights, and supports the NRA. The OK hand sign (๐Ÿ‘Œ) indicates that the bank supports right-wing extremism through ALEC membership.

(๐Ÿ‘) the problem with Tor hostility-- Tor is a tool that helps the privacy of consumers. Banks that block Tor or take hostile actions against customers who use Tor are indicated with an eye (๐Ÿ‘). A plus ("+") indicates that the bank allows Tor users to attempt to login (so they can discover which of their customers use Tor), followed by a permanent account denial and locked bank account.

More metrics: to see where these banks stand on gun issues, see https://isyourbankloaded.org.

Blacklist part 2: unethical US banks/CUs masquerading as ethical banks

These banks have managed to obtain endorsement from ethics-focused organizations, but they either block Tor users or they subject all their customers to the privacy and netneutrality abuses of CloudFlare or they push an hCAPTCHA:

Financial institution Values-based network Blocks Tor Cloudflare intercepts all web data hCAPTCHA Locations Notes
Amalgamated Bank B Corp, GABV, UNEPFI ๐Ÿ‘ New York, Washington, D.C. (worldwide charter) Sales site permits Tor but transactional site blocks Tor and it's akamai-hosted.
Beneficial State Bank B Corp, GABV, CDFI, UNEPFI, Just. ๐Ÿ‘ n (previously yes) California, Oregon, Washington They've previously incorrectly claimed: "we have taken definitive steps to follow Web Content and Accessibility Guidelines (WCAG)" while their Cloudflared login portal imposed an hCAPTCHA, which violated WCAG. Note that they apparently no longer push the hCAPTCHA. BSB admits in their privacy policy that they collect your IP address to track your geolocation. They also vaguely state that they share your sensitive information with third parties, but they do not name the third parties (thus sharing with CloudFlare, Inc. is concealed). The landing page is not CloudFlared, but the login page (xvault.beneficialstatebank.com) is, which enables CloudFlare to eavesdrop on your banking.
Brattleboro Savings & Loan B Corp ๐Ÿ‘ Vermont Sales site permits Tor but transactional site blocks Tor; Privacy policy comparison
City First Bank of DC B Corp, GABV, CDFI ๐Ÿ‘ Washington, D.C., Southern CA (worldwide charter) Sales site permits Tor but transactional site blocks Tor. Online application available, so perhaps it's open to out-of-state clients. Recent merger with a bank in Southern California.
Clearwater Credit Union GABV, CDFI ๐Ÿ‘ y ? hCAPTCHA is pushed by CloudFlare and thus triggered unpredictably. Their vague privacy policy conceals the fact that they share all web traffic with CloudFlare, Inc.
Decorah Bank & Trust Company GABV ๐Ÿ‘ Iowa Their privacy policy lies. Since CloudFlare sees all traffic, these are false statements: "we will not give your data to third parties without your permission."; "you will never be required to give information to a third party supplier."; Privacy policy comparison
First Green Bank B Corp, GABV ๐Ÿ‘ y Florida A 3rd party site said they were B Corp listed, but they aren't listed on the B Corp site. hCAPTCHA is pushed by CloudFlare and thus triggered unpredictably. They don't even have a proper privacy policy, but their "privacy commitment" statement conceals the fact that all web traffic is shared with CloudFlare, Inc.
Lead Bank GABV ๐Ÿ‘ Missouri Sales site is Amazon AWS-hosted; transactional site blocks Tor; paper statements are $5 but they say they're willing to email statements if the website stops working for a customer's browser; online reg. open to out-of-state residents; Moneypass ATMs; Privacy policy comparison
Mascoma Savings Bank B Corp ๐Ÿ‘ ? New Hampshire, Vermont
Missoula Federal Credit Union GABV, CDFI ๐Ÿ‘ y Montana A 3rd party site said they were a GABV member, but they aren't listed on the GABV site. They also don't exist in the CDFI spreadsheet; Privacy policy comparison
National Cooperative Bank GABV ๐Ÿ‘ ๐Ÿ‘ y ? hCAPTCHA pushed to Tor users (untested for non-Tor users)
Piscataqua Savings Bank B Corp ๐Ÿ‘ New Hampshire Sales site is Amazon AWS-hosted; transactional site blocks Tor; online reg. open to out-of-state residents; Privacy policy comparison
Southern Bancorp B Corp, GABV, CDFI ๐Ÿ‘ Arkansas, Mississippi Google Cloud-hosted; The landing page is not cloudflared, but the login page is, which enables Cloudflare to eavesdrop on your banking; Privacy policy comparison
Spring Bank B Corp, CDFI ๐Ÿ‘ New York Website down in Jan. 2021; up when checked in May 2021. Sales site permits Tor but transactional site blocks Tor; Privacy policy comparison
Sunrise Banks B Corp, GABV, CDFI ๐Ÿ‘ Minnesota Google Cloud-hosted; sales site permits Tor but transactional site blocks Tor.
VCC Bank B Corp, CDFI ๐Ÿ‘ Virginia Sales site permits Tor but transactional site blocks Tor. Non-profit; Fastly-hosted; checking, savings, money markets, but no debit cards or ATMs; there is an online application, so perhaps it's open to out-of-state clients.
Verity Credit Union GABV ๐Ÿ‘ Washington Amazon AWS-hosted; was MitMd by CloudFlare in the past but not when last checked on Feb. and May 2021. Sales site permits Tor but transactional site blocks Tor; Privacy policy comparison
VSECU (Vermont State Employees Credit Union) GABV ๐Ÿ‘ ๐Ÿ‘ n (Tor-block is absolute) Vermont Sales site permits Tor but transactional site is Cloudflared and blocks Tor. Vermont residents only, generally, with some exceptions.

Graylisted US banks

These banks are endorsed by a values-based network, but they outsource hosting to an unethical and untrustworthy tech giant (although not in a way that hinders Tor users).

Financial institution Values-based network Locations Notes
Aspiration B Corp N/A (online only) Sales and transactional sites are both Amazon AWS-hosted; blog.aspiration.com is a Cloudflare site; login page previously blocked Tor, but not when checked in Jan. 2021; it will go back to the blacklist if found to block Tor in the future. It's humorous, shameful, and simultaneously sad that clicking "Do Not Sell My Personal Information" on the landing page leads to a Cloudflare page that absolutely blocks Tor. Also hypocritical: Aspiration is environment-focused, but they hire Amazon which is quite detrimental to the environment. Their use of Cloudflare is also energy wasteful.
New Resource Bank B Corp, GABV ~~California A 3rd party site said they were both B Corp listed and a GABV member, but they aren't listed on either site. Website also harasses Tor users about having a clock that's ahead and it uses CloudFlare NS servers which means they can spontaneously start proxying through CloudFlare with ease.~~ As of May 2021, it redirects to Amalgamated Bank.

Whitelist: relatively ethical US banks

These banks are endorsed by a values-based network or convey an ethical mission, and are properly hosted. Superficially, there are no obvious significant anti-privacy or anti-consumer website features that cannot be avoided.

Financial institution Values-based network Locations Notes
First Boulevard online-only This bank is not yet open for business. Its focused on shrinking the racial wealth gap and has partnered with Visa to offer crypto-trading capabilities. Note that involvement with Visa is cause for concern, as Visa is the most aggressive proponent of the unethical war on cash. It also appears they may be strictly mobile, which likely means forced use of Google Playstore. First Boulevard is not a bank - banking outsourced to Central Bank of Kansas City.
Native American Bank CDFI Colorado & Montana They plan to become available nationwide. Looks like no fee schedule is published. They say their "primary mission is to assist Native American and Alaskan Native individuals", but Alaskans seem to be ineligible.

The scope of this page is US banks. Some ethical European banks are listed by FEBEA and GABV covers the world.

Dr. Cranor at Carnagie Mellon studied the level of privacy respect of over 6000 US banks. The best of those banks will perhaps be incorporated here in the future.