Plaid settles class-action lawsuit for $58 million

Plaid has settled a class action lawsuit alleging the company used dubious tactics to collect bank account information to share with fintech customers. Under the terms of the agreement, the San Francisco-based data aggregator has agreed to create a $ 58 million settlement fund and change its business practices and policies.

This settlement comprised five class actions that were combined into one. All claimed that Plaid used consumers’ bank credentials to collect and sell detailed financial information without user consent.

Claim document

eccolo74 / Getty Images / iStockphoto

The agreement affects an estimated 98 million people for whom plaid screen scraping data from a bank account is to be fed into a fintech app such as Venmo. After the attorneys are paid, if all 98 million people file a lawsuit, they’ll get about 60 cents each. (In these types of settlements, not everyone usually makes a claim. In this case, however, they will be given the option to receive the settlement money automatically through Venmo and PayPal, rather than just by check, which could lead to further claims.)

Plaiders alleged that Plaid’s user interface mimicked the login screens of a single user’s financial institution and that users were not informed that they were not actually logging in through the bank’s own platform. The plaintiffs said they unwittingly gave Plaid their credentials for the financial institution and that Plaid would retain access to their credentials and use them to mine, aggregate, and then sell the users’ financial transaction data to third parties.

In the deal, Plaid pledged to improve data erasure and minimization, improve disclosure, and continue to host a dedicated website with detailed information on its security practices.

In this case, data minimization ensures that no additional data is retrieved that is required for the purposes of the fintech app. Data erasure eliminates any unnecessary data that may have been accidentally collected. For example, if an app uses Plaid for authentication and only needs an account code, Plaid undertakes to use only that number. If further data is collected as part of the screen scraping of the consumer account, it will be deleted.

Plaid hopes to have 75% of its traffic devoted to banking APIs by the end of this year. Using APIs should eliminate all of the complaints raised in the lawsuit, the company said.

“When you think of the development of Plaid five or six years ago, compared to what we are now and where we are going in the future, it really frees up the decks for us to move forward and get us into this API- Bank to move the direction of the partnership and this commitment to really strong, industry-leading visibility and control tools for consumers, “said John Pitts, director of politics at Plaid. “The comparison gives us the opportunity to move further in this direction and to double our investments in this approach to the ecosystem.”

Comments are closed.