Mint.com is pretty great for connecting to whatever bank you have and it'll download your reports and also automatic categorization. I have almost 2 years of data in it, and they let you download it all CSV. It also has me in the habit of checking all of my accounts once a week, by just logging onto one website. Nice way to be on top of anything that might be fraudulent.
What about the privacy issues of a public web site that tracks a household's entire financial profile? Intuit's claim:
"We make money only when you do - We give you personalized ideas on how to save money by presenting the greatest savings from among thousands of financial products. If you decide to make a change that saves you some cash, we sometimes earn a small fee from the bank or company you switch to. You save a lot; we make a little."
And in the Privacy and Security Policy: "Simply put, we do not and will not sell or rent your personal information to anyone, for any reason, at any time."
But they DO seem to sell your information, as long as the data format can be construed as "anonymous" (before being combined with whatever other datasets the buyer might have):
"Intuit may make anonymous or aggregate personal information and disclose such data only in a non-personally identifiable manner to:
- Advertisers and other third parties for their marketing and promotional purposes, such as the number of users who applied for a credit card or how many users clicked on a particular Intuit Offer;
- Organizations approved by Intuit that conduct research into consumer spending; [...]
I'd be willing to bet they make a lot from these sales. "You save a lot; we make a little" indeed. Even if Intuit's current intentions are 100% honorable, let's not overlook the ubiquitous "we can change what you agreed to without your consent" clause in the Terms Of Service:
"Intuit may modify this Agreement from time to time. Any and all changes to this Agreement will be posted on the Mint.com site. In addition, the Agreement will always indicate the date it was last revised. You are deemed to accept and agree to be bound by any changes to the Agreement when you use the Service after those changes are posted."
This practice is where all the privacy trouble started with FaceBook. I have no idea how it's legally enforceable, but somehow it is, and in fact it's standard boilerplate for TOS contracts everywhere. :-)