1. News
  2. Cybersecurity News

Plaid lawsuit shows how important it is for consumers to control their personal data

Consumers need to know what information they're giving up when using an app

Data management and online privacy concept
Photo (c) Galeanu Mihai - Getty Images
A month ago, Plaid -- a company that connects consumers' financial accounts to budgeting, payment, and investment apps -- agreed to settle a class-action lawsuit alleging that the company invaded users' privacy.  

Plaid, which has connections with some of the biggest tech companies like Google and Microsoft, denied all of the allegations in the lawsuit but agreed to “delete transactional banking data for consumers whose apps did not request that data,” ensure that consumers have “informed control of their private financial data,” and “provide important protections for consumers across the country who increasingly rely on modern fintech apps” as part of the settlement.

When ConsumerAffairs reached out to Plaid for more information about the lawsuit, the company stated that it does not sell user data or share it with third-party companies or platforms “unless the consumer, inherent to the process of linking through plaid, wants to share that data with an app.

"If a consumer didn’t want to do that, they wouldn’t be signing up for the app," a Plaid representative stated.

Moving forward from its settlement, Plaid is championing a new resource called "Plaid Portal." It allows users who have connected accounts with their banks via Plaid to manage those connections and turn on/off certain personal data items.

Consumers can do a better job of reading privacy policies 

So, what can consumers take away from the Plaid lawsuit and settlement? To start, it should teach everyone to carefully read privacy policies and to recognize what data they're giving away when they use an app. 

When someone hurriedly clicks “agree” and moves on when asked to read a Privacy Policy on an app, they may be giving a company permission to review or share their data. And glossing over Privacy Policies happens a lot. According to a Pew Research study, more than a third of consumers say they never read a Privacy Policy before agreeing to it. 

“All consumers need to stop and take a moment to read what they are agreeing to in the Terms & Service Agreements,” Scott Schober, President and CEO of Berkeley Varitronics Systems, told ConsumerAffairs. "Each consumer needs to make a conscious choice asking themselves if they are willing to allow companies to have access to their personal data and that they are willing to accept the possibilities of the fallout if/when their information is compromised in a data breach?”

Nick Santora, CEO at Curricula, says consumers should also stay informed about the security of the companies that have their information. He recommends that consumers change their passwords immediately if they learn that a data breach has occurred.

“Also, understand the warning signs when someone or something is pretending to be someone they're not," he told ConsumerAffairs. "A good rule of thumb - check that person's or portal's address. If they don't match with who they're saying they are, report it immediately and do not respond.”

If you think you should give identity theft protection some added consideration, ConsumerAffairs has put together a list of 10 ways you can protect yourself. That guide is available here

Take an Identity Theft Quiz. Get matched with an Authorized Partner.