Plaid privacy settlement

Plaid launches new privacy platform after $58M privacy settlement

In light of concerns that open banking is too open with user data, Plaid announced a new privacy portal that lets US users view where their data is going.

Users can see what apps are sharing data and switch apps with the click of a button, and after a $58-million class-action privacy settlement, many are expected to. 

“It’s difficult for anyone to keep track of where their data is going when they’re using so many apps to manage their finances,” Jean-Denis Greze, CTO of Plaid, said in a Tweet. “Very proud of launching the Plaid Portal to give people easy controls across the entire fintech ecosystem.”

The firm is calling it the Plaid Portal and not explicitly tying the launch with a privacy settlement the firm reached in August. A spokesperson from the firm said the Plaid Portal has been under development for years and in beta form since 2020 but fully launched this week.

As part of the settlement, Plaid was required to advertise the Portal prominently on the Plaid website, the spokesperson said.

Plaids login landing page and the banking data it collects behind the scenes help users connect with over 5,500 services like Coinbase, but the open banking ideal has come under scrutiny. 

Plaid settles privacy suit

A recently settled class-action updated on Friday granted $58 million toward users of Plaid for allegedly mishandling data and disguising a login screen as a trusted banking service.

The settlement alleges that when connecting an account to providers like Coinbase, Plaid brought up a web page that let users search for their bank, for example, Bank of America.

As Sean Byrne, the Head of Computer Security at Truework, pointed out in a Twitter post from 2020, looks can be deceiving. The BoA logo would appear at the top of the screen, and according to the lawsuit, users would trust the page as an extension of their bank and give Plaid their bank password. 

A screenshot from the app from 2020

In reality, Plaid collects and stores user accounts and passwords and nearly all the information users have in their accounts, including loans and debt.

Plaid could have some of the most accurate credit scoring data globally if they shared user data or sold it off, which they claim not to do, as a matter of course. Rumor of a lawsuit first appeared in 2020.

In related news, Plaid announced last week it would buy an ID verifying application called Cognito for a cool $250 million.

Any user of a Plaid service that connected bank data through services like Robinhood, Coinbase, Venmo since 2013 has a stake in the claim, and no proof of purchase is necessary. The deadline to file a claim is April 28, 2022, and anyone can submit a claim using the settlement site here. The Court will hold the Final Approval Hearing at 1 p.m. on May 12, 2022 in the United States Courthouse, 1301 Clay Street, Oakland.

Though, as some have already pointed out, the individual payouts may be as low as a couple of bucks when an estimated 98 million people who use nearly every financial app have an option to file. 

Plaid responds

A spokesperson from Plaid responded to LendIt with a statement.

“The claims raised in the lawsuit do not reflect our practices. We help consumers safely connect their financial accounts to the apps and services they rely on,” the spokesperson said. “We do not, nor have we ever, sold data. We make our role and practices clear and provide services that give consumers control over how and where they share their data.”

The statement went on to say that the settlement was best “in light of the cost and burden associated” with drawn-out legislation.

$38 million to be distributed

According to the suit, the lawyers that argued the case will likely receive: “up to $14.5 million in attorneys’ fees, plus additional costs and service awards. This would leave approximately $38 million to be distributed to the Class Members.”

The use agreement in 2020

Plaid said it is committed to building a safer fintech ecosystem in a blog post and celebrates the National Cybersecurity Alliance’ Data Privacy Week with its new web page.

People can first set up a Plaid Portal account by visiting my.plaid.com to view account connections and control which apps have access.

Plaid also made sure to mention the sheer size of their operation, deemed too big to merge with behemoth Visa last year, shuttering a $5.3 billion plan to merge by reminding everyone. 

“With nearly 9 in 10 Americans today using some form of fintech to manage their financial lives, powering a safer digital financial ecosystem is a paramount priority and one we are excited to continue to support.”

“Moving forward, we will continue to focus on empowering millions of people with control over the data they share across the thousands of applications Plaid supports,” a spokesperson said in a statement.

Plaid is valued at around $13 billion today.

Sign up for our Newsletters

Every morning the LendIt Fintech News team scours the globe for the most important fintech stories of the day in the daily Global newsletter.

The Europe edition comes out on Monday, Wednesday, and Friday featuring the most important stories in European and UK fintech.

The Latin American newsletter arrives in your inbox on Tuesdays and Fridays. This is a trilingual newsletter featuring stories in Spanish, Portuguese, and English.

Join 20,000 subscribers!