Hacker News
by missedthecue 1546 days ago
What makes you trust your current bank or credit union to keep your data secure that doesn't make you trust these open banks to keep your data secure?
2 comments

At the very least it’s one provider who has my data. When there are 5 different providers - it increases the attack surface of my data.
I don't particularly trust my bank, but I do try to minimise (as much as possible) the number of organisations with which I share my transaction data.

It's probably worth clarifying that there are no institutions that would be categorised as "open banks"; Open Banking [0] is an umbrella term for a set of technologies (primarily APIs), regulatory frameworks and standards which allow easier integration between businesses in the financial services industry. The bar for getting access to those APIs is high enough that it would generally exclude customers who'd like to query their own accounts from their own software, but not so high as to stop the proliferation of startups keen to monetise and analyse customer transaction data. For the most part, in the UK you can't just ask your bank for an API key and use it to pull transaction data from your own account, but your mortgage lender can require you to share that data with a third party as a condition of extending a line of credit.

I believe this is how Experian Boost works in the UK; you can "boost" your Experian credit score by linking your bank account via open banking and allowing them to analyse your transaction history. However, you would need to read (and fully understand the breadth of) their privacy policies and terms and conditions to understand how your transaction data is used (and how it may be used in the future).

One of my primary concerns is around data being shared on, and on, and on. Regulation helps a little, but I'm afraid that we'll end up in a similar situation as we have with other types of data online (analytics, advertisement targeting and telemetry) where you may opt out of certain types of data collection but find that the next tab on the opt-out dialog lists hundreds of partner organisations with a "legitimate interest" in your data. And with financial services, it's even more sensitive - it would be disastrous if people were excluded from applying for a mortgage because they refused to share incredibly detailed transaction history with a third party credit risk firm. And worse still if, upon sharing that data, they were denied a mortgage because placing an occasional bet online, subscribing to an OnlyFans creator, spending thousands at the Apple store and trading some disposable income on eToro fit a pattern that a black box algorithm deemed high risk.

It would be better to have credit decisions not rely on such invasive analysis of personal data.

[0] https://www.openbanking.org.uk/