Class plaintiffs succeeded in fighting off the bulk of fintech infrastructure company Plaid, Inc.’s attempts to dismiss their privacy litigation claims in federal court this week. U.S. Magistrate Judge Donna M. Ryu ruled that plaintiffs’ class action case could continue on their invasion of privacy claim, unjust enrichment claim, and claim under the California Anti-Phishing Act against Plaid.

When consumers sign up for apps like Venmo and Square’s Cash App they are asked to link their bank accounts and are directed to Plaid’s software. According to the allegations, Plaid’s software is designed to spoof banks’ websites so that consumers will feel more comfortable entering their login information, but in reality, consumers using fintech apps with Plaid’s software are unwittingly handing their login information directly to Plaid.

The lawsuit also alleges that once Plaid establishes a connection with a consumer’s bank, it downloads all available data—including years’ worth of transaction history—for every account the consumer has connected to that bank (such as checking, savings, credit card, and brokerage accounts), regardless of whether the data in any of the accounts bears any relationship to the app for which the consumer signed up.

“We are grateful that the court allowed the case to proceed in substantial part, and we look forward to continuing to litigate the case as it proceeds one step closer to trial,” said co-lead Christopher Cormier of Burns Charest LLP

Check out full news coverage on Law360 and Westlaw Today.

In re Plaid Inc. Privacy Litigation, No. 4:20cv3056, in the U.S. District Court for the Northern District of California.