Dive Brief:
- Four new plaintiffs filed a class-action lawsuit Friday against data aggregator Plaid, alleging the fintech illegally collected information on more than 200 million separate financial accounts belonging to users of Venmo, Stripe, Coinbase and Square’s Cash App, and sold or “otherwise highly misus[ed]” it without telling customers.
- The lawsuit accuses Plaid of showing users login screens that look identical to those of their banks, under the guise of helping customers access easy online banking. The screens, however, are wholly controlled by Plaid.
- The suit, filed in the U.S. District Court for the Northern District of California, marks the second complaint against the company in the past month. The first, filed June 25, alleged Plaid was “data plumbing” Venmo, Robinhood, Stripe and Cash App accounts.
Dive Insight:
The court action comes during a busy year for Plaid. Visa acquired the company in January for $5.3 billion. Since then, Plaid has partnered with Microsoft on a personal finance app, Money in Excel, as part of a rebranding of Office 365. The startup is also launching an application programming interface (API) platform, Plaid Exchange, which aims to help smaller financial institutions compete with the likes of Wall Street banks.
Plaid obtained “direct and full access to consumers’ personal financial banking information for Plaid’s own commercial purposes wholly unrelated to the consumers’ use of the apps,” Friday’s complaint states.
“Plaid exploits its ill-gotten information in a variety of ways, including marketing the data to its app customers, analyzing the data to derive insights into consumer behavior, and, most recently, selling its collection of data to Visa as part of a multi-billion dollar acquisition,” the complaint reads.
Plaid describes itself as an infrastructure company, according to the complaint. But its “true purpose,” the complaint states, is “invading consumers’ privacy for profit.”
If users select an option on their phones to give Plaid access to their account information, the fintech is reportedly able to access years of a customer’s bank account transactions for purposes unrelated to the transactions they wanted to conduct, according to PYMNTS.com.
The fintech has reportedly been able to harvest loads of personal data, including banking and other financial accounts, by allegedly falsely making users believe the data is being used for communication directly with their banks.
Plaid has denied the accusations and said it has never sold user data, according to Cointelegraph.