Most small business owners who have taken on alternative lending know the pitfalls of immediately being called by many brokers who get your data from lead sources, specifically from liens that have been filed with UCC in their home state.
On Thursday October 24th, 2024, Itria Ventures who is one of the most litigious predatory lenders and with a history of using deceptive practices of their own sued Eli Gross and his company "MCA Leads Gen" for allegedly stealing Itria's data and selling it to MCA brokers. While this case is a simple case where Itria Ventures is going after someone who they say stole their data, what is more eye-opening is that while Itria claims to safeguard their data, clearly they do not do enough to protect their clients' data.
By Thomas Tramaglini, Chief Operations Officer
Partner, The Center for MCA Research
Case Overview
The Case:
In this case, Itria Ventures, a predatory lender that "provides working capital to
its small business customers who may have difficulty obtaining funds through traditional financing," accuses Eli Gross and his company of stealing "customer lists containing confidential and proprietary information related to these services, and its existing and prospective customers, such as, without limitation, the name of the
owner of the customer, the amount of funding requested by the customer, and the customer’s annual revenue."
In their complaint, Itria claims that the defendant admitted to Itria's attorney that they stole and sold their trade secrets to "exploit the information for competitive and financial advantages, damaging Itria’s business."
Gross "called Itria’s counsel on September 11, 2024, to discuss the cease and desist letter, and, other than admitting that he was in possession of Itria’s confidential business information, Gross was uncooperative, refused to disclose how he came into possession of Itria’s confidential information, refused to confirm that he would destroy all copies of Itria’s confidential information, and refused to identify all those he had contacted in efforts to sell Itria’s confidential information.
Itria has requested "judgment against Defendant on each and every cause of action, including monetary damages in excess of the jurisdictional limits of this Court, plus interest, costs and attorney’s fees, and punitive damages, and injunctive relief, together
with such other, further, and different relief as the Court may deem just and proper."
What about the Small Business Owner?
The team at Beacon Client Solutions is organized in New Jersey and is bound by law to protect client data with the utmost seriousness. In New Jersey, the New Jersey Privacy Act (NJPA) requires our organization to protect client data through various means in a similar manner to HIPAA.
Itria Ventures, in New York, is subject to NY Law (e.g., SHIELD Act, Personal Privacy Protection Law, others).
While our firm agrees that if Eli Gross and his team stole data from Itria Ventures, then he and their firm should be held accountable for their actions.
The outstanding question that we ask is What about the small business owner?
This lawsuit is a clear indicator that alternative lenders need to protect their data better. For instance, in this case, Gross refused to tell Itria where he got the data. Clearly, the data were either accessed through a technology-based security breach or the data were extracted by someone within Itria and provided to Gross.
From our perspective, Itria needs to conduct an internal investigation (if they have not done so already) and 1) find out how the data were given away, and 2) identify how to protect small business owners. Further, as is the case in Federal and nearly all States data protection laws, Itria should inform all of the clients they said that they have over 200,000 funded clients and the many more who were not funded that their data were part of a breach and the firm should partake in means which address any damage caused by this issue, as well as how they are going to protect small business owners in the future.
Finally, while Itria is taking someone to court who they think stole their data, this data breach raises a red flag. How does an alternative lender have their data stolen and have no idea how the data ended up in the hands of a person who routinely sells lead data to brokers?
Itria, who is a front for Biz2Credit http://itriaventures.com, has not one thing on their website about this data breach or any self-reporting measures of what they are doing to rectify this issue. We hope that this new issue is not similar to Itria and Biz2Credit's past history in being deceptive towards small business owners.
Having their data stolen must be an embarrassing event for Itria. This complaint clearly portrays Itria as being tough and going after a person/lead company who stole their data. However, the underlying situation is that Itria did not do a good enough job to protect their data, and more importantly the small business owners who they did or did not serve.
In this case, Itria needs accountability as well.
Dr. Thomas Tramaglini is the Director of Operations and Negotiation for Beacon Client Solutions, a company that supports small businesses on a host of fronts, especially MCA debt. Thomas has been a small business owner for many years, as well as held leadership positions in several organizations and companies. Thomas holds a B.A. in History, as well as Masters and Doctorates in Organizational Leadership from Rutgers University, The State University of New Jersey.
Disclaimer: Beacon Client Solutions is not an accountancy, or a law firm. We are business consultants. While Beacon works with outstanding attorneys and accountants, we cannot and do not provide legal or tax advice. All of our work is connected to those who are legally certified to give such advice. Beacon does have a longstanding body of work in MCA resolution and understands what small business owners deal with, specific to MCA. Beacon Client Solutions serves clients in all 50 states, Puerto Rico, Mexico and Canada.
Comments