The lawsuit accuses the insurance company of paying app developers to install code in their products that sent sensitive customer data back to Allstate.
Critically, these apps are not associated with Allstate.
Things like gas price apps, family monitoring apps.
In its complaint, filed in federal court, Texas requested that Allstate be ordered to pay a penalty of $7,500 per violation of the state’s data privacy law and $10,000 per violation of the state’s insurance code, which would likely amount to millions of dollars given the number of consumers allegedly affected.
The lawsuit also asks the court to make Allstate delete all the data it obtained through actions that allegedly violated the privacy law and to make full restitution to customers harmed by the companies’ actions.
Yeah. because deleting the data is going to get it out of the hands of all the people they already sold it too. (including other insurers.)
Also, WTF is with the “Right to Cure”?! Like. Seriously. Companies have already decided the risk of getting caught is acceptable, so now you’ll just, let them get off the hook for free? simply by stopping the illegal action? Sorry. People have been harmed by this. “I won’t do it again” is not enough.
The “right to cure” provision gives them 30 days to “cure” their infractions (that is, stop being criminals.)
Basically what has to happen is that:
they get caught
they get warned (The 30 day clock starts here.)
they stop being assumes.
issue a statement detailing what actions they took to stop being assholes, potential policy changes that were implemented (lol,) and evidence they’re back in compliance.
If they do all that, then there’s zero consequences.
All they have to do is tailor that statement to be hyper specific. “We promise to not work those apps!” Or maybe “we won’t use the Arity SDK!” But spin off. “Lol-not-arity” SDK that does the same thing,
Basically, corporate lawyers are why we can’t have nice things.
Critically, these apps are not associated with Allstate.
Things like gas price apps, family monitoring apps.
Yeah. because deleting the data is going to get it out of the hands of all the people they already sold it too. (including other insurers.)
Also, WTF is with the “Right to Cure”?! Like. Seriously. Companies have already decided the risk of getting caught is acceptable, so now you’ll just, let them get off the hook for free? simply by stopping the illegal action? Sorry. People have been harmed by this. “I won’t do it again” is not enough.
It’s recently enacted consumer privacy laws. I maintain our privacy platform and it’s super stressful. Wish we could just get something like a gdp.
That’s not what right to cure means.
The “right to cure” provision gives them 30 days to “cure” their infractions (that is, stop being criminals.)
Basically what has to happen is that:
If they do all that, then there’s zero consequences.
All they have to do is tailor that statement to be hyper specific. “We promise to not work those apps!” Or maybe “we won’t use the Arity SDK!” But spin off. “Lol-not-arity” SDK that does the same thing,
Basically, corporate lawyers are why we can’t have nice things.