Plaid Privacy Settlement

It’s easy to get overly focused on privacy regulations like GDPR and CCPA. Or to make the worst mistake, claiming, “I don’t do business in Europe or California, nor the ever expanding list of places with privacy regulations.”

I received an email this morning notifying me that I was part of a class who had been wronged by Plaid, Inc. The settlement was for $58 million, according to The National Law Review.

My first reaction was, who is Plaid? It turns out, me not knowing who Plaid is is exactly why there is a lawsuit. 

Plaid is a connector app between apps like Venmo, PayPal, and Mint and your banks and credit card institutions. 

Transparency Privacy Principle Violated

Plaid had access to my data under the guise of Venmo, Paypal, and Mint, but nobody was told that it was actually Plaid accessing the data. 

This is a major privacy no-no, and is easily fixed. It’s a simple matter of transparency, which is one of the ZenPrivata Top 15 Privacy Practices. If we were informed that Plaid was accessing our information, then things might have been different. 

Specifically, Plaid “obtained log-in credentials (username and password) through its user interface, known as “Plaid Link,” which had the look and feel of the user's own bank account login screen, when users were actually providing their login credentials directly to Plaid.” (Source: https://plaidsettlement.com/)

This is important because I and others were never given the chance to research Plaid’s security practices and decide if we trusted Plaid. 

Minimization Privacy Principle Violated

Also, Plaid obtained more financial data than was needed by a user's app. This violated the privacy principle of Minimization, which is also one of ZenPrivata’s Top 15 Privacy Practices. It’s best to collect only what is needed, and minimize risk to both individuals and your company. 

Solution: The  ZenPrivata Top 15 Privacy Practices

In my opinion, organizations that address the “practices” in the ZenPrivata Top 15 Privacy Practices, which again is available free of charge, may avoid fines, class action lawsuits, or worse. 

How much could the Top 15 save your organization? Contact us at Hello@ZenPrivata.com to learn more about how to implement transparency and minimization, or if you need any help, along the way.

Previous
Previous

Frameworks in Privacy and Cybersecurity

Next
Next

ZenPrivata™ Top 5 Privacy Predictions for 2022