The best (and the only working) way of data protection is to never send the data.
...until it is no longer possible to function as a normal economically active member of your society without "consenting" to the data sharing. As others have said that might mean that you can no longer get a phone or a mortgage in some cases. Given the financial services industry doesn't exactly have a glowing reputation for either responsible handling of personal data or fair and rational decision-making processes some middle ground will need to evolve here if widespread abuse is not to be an inevitability.
That's the thing, until this Open Banking stuff, I simply shared my bank account statements where I filtered out whatever I didn't want them to know - and I was sure that only few people in a local bank branch will see it, and the papers were disposed later.
Now I'm avoiding all this stuff like the plague. I'll never hand out access to my bank account through API to anyone. No inter-banking features or cool fintech apps for me, but oh well. My bank has good enough offer and the app is nice too.
