Oracle has agreed to pay $115 million to settle a class-action lawsuit accusing the company of violating privacy laws by collecting and selling personal data without consent. The plaintiffs claimed that Oracle created unauthorized “”digital dossiers”” on hundreds of millions of people, tracking their online browsing, shopping, banking, and other activities. Oracle allegedly sold this information to marketers, either directly or through its products like ID Graph, which helps advertisers create personalized marketing experiences.
The settlement, filed in San Francisco federal court, requires judicial approval and covers individuals whose data Oracle collected or sold since August 19, 2018. As part of the agreement, Oracle will stop collecting data from third-party websites, including user-generated information from URLs and online forms, unless it is directly from Oracle’s own websites. The company has denied any wrongdoing but agreed to the terms of the settlement.
The lawsuit was brought by privacy rights activist Michael Katz-Lacabe and Jennifer Golbeck, a University of Maryland professor specializing in social media and privacy. They argued that Oracle’s practices violated federal and state privacy laws, as well as California’s constitution. The “”digital dossiers”” allegedly contained sensitive data on individuals, including their locations and spending habits.
Law firm Lieff Cabraser Heimann & Bernstein, representing the plaintiffs, may seek up to $28.75 million from the settlement for legal fees. The case, Katz-Lacabe et al v. Oracle America Inc, highlights growing concerns over corporate data practices and consumer privacy, with companies like Oracle facing increased scrutiny for how they handle user information.
Reference: