Really, the two -fundamental- issues raised are:
- How much is information worth?
- How secure should information be?
I'll answer the second one, first. IMHO, all information should be as secure as possible. If you "differentiate", by using different degrees of security, you immediately tell any interested party what to focus on, and what to ignore. Since social reverse-engineering often allows a person to deduce elements of that "secure" information, you essentially have no security at all.
IMHO, banks and other financial organizations should use secure identification methods, ALWAYS. For a computer, this would mean using SSL (128-bits), an IPSEC tunnel (using 3DES), or PGP/GPG, depending on the type of information being transferred.
For personal access, be it an ATM or via a bank teller, the same level of security should apply. Public key encryption of information on bank cards and credit cards would seriously reduce the risks involved. Checks should ONLY be usable by the person they are made out to. Using them as an alternative to cash makes them VERY high-risk.
Now, on to how much information is worth. If it's kept so secure, it must be worth a lot, right? Yes. But only in the context of the person and their bank. If it's kept safe, it should be worthLESS to everyone else.
Ok, so that information has duel-ownership. How much can one owner charge the other, for transfer?
Since the information, in and of itself, has no value, the answer would presumably be "nothing". It only has value in a specific context, and that context doesn't apply in simple exchanges like this.
HOWEVER, it is entirely right and proper for one owner to charge the other for any exceptional or unusual exchanges, where said exchange places a burden on the owner who is delivering.
The problem with banks, though, is that these charges are all one-way. The bank never has to pay, when the burden is on the customer. Sorry, but if you are valuing & charging for one set of burdens, you should really value and charge for all of them.
This applies to company computers, too. If a company computer generates or records erronious data, and this places a burden on an employee, the employee should have a perfect right to bill the payroll department for that burden.
Often, computer payroll software is written and maintained by cheap student labour. Very often, it is flawed and buggy. Faulty software has consequences, and those consequences should not be transferrable. Those who cause them should cure them, and pay for them. The rest of the world shouldn't have to play nanny to Accounts.
This leads me neatly into a final, generic point: ALL Software Should Be Free Of Defects! You can write programs which meet all the usual Consumer Protection laws and regulations. By making software magically "exempt" from any kind of mandatory quality control, all that has happened is that there is NO quality control at all. And, yes, I include the protection of personal information and identity in that.