[archenary]

IANAL and have no affiliations to Plaid. My takeaway from the article and [0] is that Plaid violated privacy laws because they provided insufficient disclosure with respect to the collected data, not that they are selling data to third parties.

Edit: Update [0] to source

[0] https://newmedialaw.proskauer.com/2021/05/11/plaid-federal-e...

[akarma]

(IANAL either) I understand and agree that part of the issue is that they, allegedly, underhandedly collected this data. My question is focused around the potential selling of that data, which took place according to the lawsuit and was likely the reason to collect the data.

From the article you linked:

> Plaid would retain access to their credentials and use them to mine, aggregate and then sell users’ financial transaction data to third parties (including to the fintech apps that use its services) for purposes unrelated to the plaintiffs’ use of the fintech payment apps.

[madamelic]

> My question is focused around the potential selling of that data, which took place according to the lawsuit and was likely the reason to collect the data.

They would kind of have to be idiots to do so, to be quite frank.

Up until like a year ago, their baseline product was $500 / mo plus $x / user after 100 users (iirc) with a 12 month contract.

Plaid has basically no competition, is worth billions and was almost acquired if not for an anti-trust suit.

I am not sure how Plaid or its founders would benefit financially by betraying the trust of their customers and their customers' customers by getting a few cents per record out of it.

> Plaid would retain access to their credentials and use them to mine, aggregate and then sell users’ financial transaction data to third parties (including to the fintech apps that use its services) for purposes unrelated to the plaintiffs’ use of the fintech payment apps.

People's hatred / mistrust of Plaid stems for a misunderstanding of what Plaid is.

Yes, Plaid does """sell""" that information... to the app that you willfully gave permission to, information like cash flow, debt, types of debt, etc.

Oh, also, if people are so terrified of Plaid, they should write to the Congresspeople and ask them to write a bill to force banks to write & provide REST APIs. The lack of banking APIs is the only reason Plaid exists and has to resort to scraping or storing banking information.

[tzs]

> Oh, also, if people are so terrified of Plaid, they should write to the Congresspeople and ask them to write a bill to force banks to write & provide REST APIs.

Why REST? Yes, I’d certainly rather call rest APIs than, say SOAP APIs, but do really want Congress specifying that much technical detail?

[ericwooley]

Yes, that would be fine. As long as security is covered. Mandating a standard API would be awesome.

[geoduck14]

I haven't used Plaid and I haven't read the litigation, but it seems the following scenario may have happened:

1) Users use Plaid to buy/sell with a variety of vendors and banks 2) Vendors and banks were aware that specific users were buying /selling because they were buying/selling their products 3) Users consented to #2 because they were buying/selling their products

4) Plaid provided aggregated reports that said "5% of your customers also shopped on Amazon"

People sued over #4