Directory of US brokerage firms
Whitelist
The following brokerages have no significant ethical issues:
| brokerage | ALEC member | sensitive info exposed to CloudFlare | supported CISPA | forced drug testing of staff | notes | |---|---|---|---|---|---| |Greenvest|n|n|n|n|RIRA; min. investment to avoid fees: $100k; B corp| |Rich Uncles|n|n|n|n|Real estate investing only|
Graylist
These brokerages would normally be blacklisted, but due to the short whitelist they are set aside as a less evil compromise to those blacklisted. They should still be avoided if possible.
| brokerage | ALEC member | sensitive info exposed to CloudFlare | supported CISPA | forced drug testing of staff | notes | |---|---|---|---|---|---| |E*Trade|n|n|🕵|n|covers: Canada, France, Germany, Hong Kong, Japan, United Kingdom, and United States; funding bonus ($5k=>$50; $10k=>$100; $20k=>$150)| |Finhabits|n|n|n|n|B corp; Hosted on Google Cloud; outsources to Apex; uses Equifax for address verification| |InteractiveBrokers|n|n|n|n|min. investment to avoid fees: $100k per account; has a "impact" feature to analyze the portfolio's ESG factors w.r.t. the user's ethical views; covers Australia, Belgium, Canada, France, Germany, Hong Kong, Italy, Japan, Mexico, Netherlands, Singapore, South Korea, Spain, Sweden, Switzerland, United Kingdom, and United States; website is partially Tor-hostile but the site can be avoided for most operations after sign-up| |Janus Henderson|n|n|n|n|Amazon AWS-hosted; transactional web host (www.secureaccountview.com) is not AWS, but it is Tor-hostile; it's possible to work offline and receive gratis paper statements.| |nvstr|n|n|n|n|Amazon AWS-hosted; maintenance fee: $4/month; promos: $15-150 for funding, random bonus awards, referral bonuses| |Robinhood|n|n|n|n|Amazon AWS-hosted; Fined $65M for misleading users; They may have used CloudFlare in the past but apparently that changed| |Stash|n|n|n|n|Amazon AWS-hosted; no mutual funds; no options; no crypto; maintenance fee: $1/month| |tastyworks|n|n|n|n|Amazon AWS-hosted; TIRA; RIRA; no forex; no crypto; no non-US stocks; open/close fee= $0/0; commission=$5/stock trade (closing trades gratis), $1/option trade; promo: funding (100 shares [$1-6ea, avg:$200-220]), referral=$75| |TradeStation|n|n|n|n|Amazon AWS-hosted; crypto; min. invest=$500 ($2k for bonus); open/close fee= $0/0; commission=$0.50/option trade; commission=$0-5/stock trade| |Vanguard|n|n|n|🧪|| |Webull|n|n|n|n|Amazon AWS-hosted; TIRA; RIRA; crypto; no forex|
Rationale for graylist inclusion
Brokerage firms are graylisted here if their sole ethical problem is hosting on Amazon AWS. Amazon is behind countless evils. It's paramount to boycott Amazon for anyone who cares about human rights, privacy, or the environment. Amazon also has had several data breaches-- Capital One, Juspay, Swiggy, etc., so it's a bad idea to trust custodians who use AWS with the security of your money.
Exceptionally, E-Trade, Finhabits, InteractiveBrokers, and Vanguard do not use AWS but they are still graylisted. E-Trade supported CISPA, a bill to bypass the 4th amendment to promote unwarranted information sharing with the government. Finhabits outsources address verification to Equifax.
The problem with Equifax
Equifax is the most reckless of all four credit bureaus with sensitive credit data. A data breach of sensitive consumer records to the tune of ~150 million Americans was leaked as a result of reckless security procedures. The lawsuit yielded a disproportionately tiny settlement by which most Americans were not compensated, even though they never consented to Equifax collecting the data to begin with. Of those who received compensation, most did not receive cash, but rather credit protection service which ultimately feeds more money back into the credit bureaus.
InteractiveBrokers is graylisted due to blocking Tor users from accessing some of the web features.
Vanguard is graylisted due to forcing employees to take a drug test, which is an assault on their privacy outside the workplace as well as a hinderance to healthcare.
Blacklist
These brokerages have severe ethical or trust issues and should be boycotted.
| brokerage | ALEC member | sensitive info exposed to CloudFlare | supported CISPA | forced drug testing of staff | notes | |---|---|---|---|---|---| |Ally|n|n|🕵|n|whole site is Tor-hostile (403 error)| |Axos Invest|n|🌩|n|n|Amazon AWS-hosted; Axos Bank is jailed in CloudFlare and Axos Invest will be soon. Investors who get blocked by that will have to pay $5/month for paper statements.| |Betterment|n|n|n|n|Imposes hCAPTCHA just to read the landing page. They censor posts in their Reddit sub that complains about this instead of offering support.| |Ellevest|n|🌩|n|n| |Euro Pacific Capital|n|🌩|n|n| |FUTU|n|n|n|n|support.fututrade.com is CloudFlared; no web app; mobile app is GPS-iOS-only; desktop is Mac/Windows only| |Firstrade|n|n|n|n|whole site is Tor-hostile (468 error)| |Fundrise|n|n|n|n|Amazon AWS-hosted; Unavoidable CAPTCHAs| |Gatsby|n|n|n|n|no web app; no desktop app; mobile app is GPS-iOS-only| |Lightspeed|n|🌩|n|n|| |M1 Finance|n|🌩|n|n|They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare.| |Merrill Edge|n|n|n|🧪|Owned by one of the most evil banks in the world (Bank of America)| |Prudential|👌|n|🕵|🧪| |Siebert|n|🌩|n|n|| |SoFi|n|🌩|n|n|They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare; also caught in a deceptive advertizing scandal.| |Sogotrade|n|🌩|n|n|| |Stockpile|n|🌩|n|n| |TD Ameritrade|n|n|n|n|Majority owned by Charles Schwab, a firm that supports republicans, CISPA, drug tests their staff, and treats Tor users with hostility (but note that TDA functions over Tor). Schwab outsources banking operations to PNC bank, which is quite evil; Uses MS Github to host s/w| |TIAA-CREF|n|n|n|n|Whole site is Tor-hostile| |Tradingblock|n|🌩|n|n| |Wealthfront|n|n|n|n|Registration imposes Google reCAPTCHA; caught making false disclosures and charged for false advertising.| |Wealthsimple|n|🌩|n|n| |Wellstrade|n|n|🕵|🧪|Owned by Wells Fargo, an evil bank.| |Zackstrade|n|🌩|n|n|
Rationale for blacklist inclusion
Tor hostility (Ally, Firsttrade, and TIAA-CREF)
Banks and brokerages that are aggressively Tor-hostile are automatically blacklisted.
Why brokerage access over Tor matters
If Tor were used exclusively for anonymity, it would be useless in the context of consumers accessing and controlling their financial accounts. But that's not the case. Tor prevents your ISP from snooping on where you bank. ISPs collect data on their own customers and exploit it for profit in the US. Under Obama it became illegal for an ISP to sell data collected on their customers without express consent. As if that's not already useless thanks to an abundant supply of consumers who will agree to anything without reading it, Trump reversed Obama's policy in 2017 to render consumers completely powerless. Tor is a free tool to protect from excessive disclosure of where your assets are. Thus when a bank or brokerage blocks Tor, it prevents you from taking basic self-defense measures. This trend undermines the supplier-client relationship whereby we expect the supplier to serve the customer's interest. It's not just anti-privacy, it's anti-consumer.Non-Tor users generally reveal their physical location to their bank every time they login. If all banks didn't care where you reside, this wouldn't be a problem. But some banks care more than others and beyond reason. Banks typically collect your IP address and one bank even outright admits in their privacy policy that they collect geolocation data from customers' IP addresses. For nomads/world travelers banks can make their lives hell if their profile doesn't seem to match up with their lifestyle. Some banks will close an account if a customer moves out of their service area. If you want to take a job away from home for a year or two, Tor gives you the necessary privacy to do that free of hassle and nannying.
Why non-Tor users should also boycott Tor adversaries
Suppose you never leave home, and you're not bothered if your ISP collects data on where you bank to then sell to data brokers who can then sell it to debt collectors. If you're ethical nonetheless, then you still boycott those who marginalize Tor users. These quotes elaborate on that moral duty:"If you are neutral in situations of injustice, you have chosen the side of the oppressor. If an elephant has its foot on the tail of a mouse, and you say that you are neutral, the mouse will not appreciate your neutrality." --Desmond Tutu
"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say." --Edward Snowden
To expand on Snowden's philosophy, it's extremely selfish to refuse to defend a right that others need on the basis that you don't personally need it now or in the future. Moreover, indirect benefits should not be overlooked. Human rights activists need civil liberties more than others, but we all need activists to make the world better for everyone. Moral duties to you derive from that.
Tor is becoming less usable because the growing majority non-Tor users are patronizing businesses that marginalize Tor users.
"Under observation, we act less free, which means we effectively are less free." --Edward Snowden
To neglect to use Tor is to subject yourself to unnecessary observation. In the context of banking and finance, this in turn reduces your freedom of movement.
CloudFlare
Banks and brokerages that proxy their services through CloudFlare are blacklisted automatically for taking a profoundly stupid risk with consumer's sensitive financial data. CloudFlare holds the SSL keys for every connection and sees all the traffic including username and unhashed password. CloudFlare has proven to be untrustworthy with sensitive information (demonstrated by CloudFlare's doxxing of the identities of child porn whistle blowers). Apart from the unacceptably high security risk of having a CloudFlare MitM, there are countless ethical problems with being an enabler of CloudFlare.
Forced CAPTCHA (Betterment, Fundrise, and Wealthfront)
Banks and brokerages that force customers to solve an hCAPTCHA or a Google reCAPTCHA are blacklisted automatically. Use of these two forms of CAPTCHA have an excessive detrimental consequence on privacy and human rights, which is outlined in the CloudFlare rap sheet.
Google Playstore (GPS) / Apple exclusivity (FUTU and Gatsby)
Banks and brokerages that force customers to obtain software from Google Playstore or Apple are blacklisted automatically. Most brokers have web access or a desktop app, in which case the mobile app can be disregarded because customers have a viable means to avoid the privacy abusing walled gardens. But FUTU and Gatsby are a problem. Gatsby has no means of access apart from the mobile app, and no APK is available on their website or in f-droid.org, so Android users have no choice but to buy mobile phone service, trust Google withe their phone number, then also trust Google not to tell data brokers where you bank and invest. FUTU has a desktop app but only for Mac or Windows, so linux users and those who avoid non-free software are stuffed. (Caveat: the FUTU Windows app has not been tested on WINE or ReactOS)
Bad supply chains (Merrill Edge, TD Ameritrade, and Wellstrade)
Merrill Edge, TD Ameritrade, and Wellstrade all have ethically controversial ownership. Merrill Edge and Wellstrade are simply owned by extremely evil banks. A large majority of TD Ameritrade is owned by Charles Schwab. Schwab is not directly involved in the highly controversial financing that other large banks are, but Schwab outsources banking to PNC bank, which is quite evil.
It's important for ethical consumption to consider the whole supply chain to the extent of your awareness. When consuming a product or service you're not just feeding the immediate customer-facing business.