Just a few weeks ago, Plaintiff Logan Mitchell filed a class action against Plaid on behalf of himself and other similarly situated class members. Read more HERE. Logan Mitchell was not the only Plaintiff who was going after Plaid’s alleged “egregious violation of [privacy and] social norms,” however. Soon after Mitchell filed his complaint, four other pending lawsuits against Plaid were consolidated in the Northern District of California, and re-named as: In Re Plaid Inc. Privacy Litigation (Master Docket No. 4:20-cv-03056-DMR.) Pursuant to the Court’s Consolidating Order, Plaintiffs filed the Consolidated Amended Complaint (“Amended Complaint”) earlier this month.
Unclear if it is for strategic reasons, but the Amended Complaint does not mention violations of the California Consumer Privacy Act (“CCPA”). The other statutory violations previously alleged in Mitchell v. Plaid Inc. did make their way into the Amended Complaint. Moreover, Plaintiffs allegations against Plaid seem to have only magnified from the litany of allegations mentioned in Mitchell. Plaintiffs’ now also seek economic redress for “Plaid’s violations of consumers’ dignitary rights, privacy, and well-being caused by Plaid’s unethical and undisclosed invasions into their financial affairs.” Plaintiffs continue to allege that Plaid has never adhered to the standard and secure OAuth procedure for the critical process of having consumers log into their bank accounts. And, allegedly, without consumer consent, “for the first several years of Plaid’s operations, Plaid arranged for its fintech clients to collect consumers’ bank login information and then pass that information to Plaid, which then approached the banks directly.” Plaintiffs’ allegations range from the lack of information provided to users to the improper use of their data. Given the evolving state of law in the FinTech space, we will be watching to see how many of the allegations – if any — are deemed discrete violations of existing law, and how many are just Plaintiffs’ personal views of violations of user expectations.
According to the Amended Complaint, Plaid has accessed approximately 200 million United States financial accounts, which for the purposes of the class action means that “[a]t minimum, each Class has thousands or millions of members.” But don’t try to look for any of the alleged practices on the Plaid app., Plaintiffs are keen to indicate that “Plaid made certain changes to [the interface] in its Plaid Link software , shortly after the initial complaint was filed in this consolidated action, and apparently in response to this lawsuit.” We should (hopefully soon) be getting some clarity on the realistic size of the class at issue and Plaid’s response to these allegations. Stay tuned!