LexisNexis
LexisNexis is an American data analytics company headquartered in New York, New York. Its products are various databases that are accessed through online portals, including portals for computer-assisted legal research (CALR), newspaper search, and consumer information.[3][4] During the 1970s, LexisNexis began to make legal and journalistic documents more accessible electronically.[5] As of 2006, the company had the world's largest electronic database for legal and public-records–related information.[6] The company is a subsidiary of RELX.
Company type
Publishing, Information and analytics
1970
Helmsley Building, New York City, United States[1]
Case law, articles, publications, news, court documents, lawyer marketing, law practice management tools, media monitoring tools, supply management tools, sales intelligence solutions, and market intelligence tools
10,000[2]
Criticism and cases[edit]
Illegal collection and sale of personal data[edit]
In 2022, LexisNexis Risk Solutions was sued by immigration advocates for allegedly violating Illinois law by collecting and combining extensive personal information and selling it to third parties, including federal immigration authorities. The lawsuit claimed that the company's practices posed "a grave threat to civil liberties."[69]
[edit]
Critics accused LexisNexis of violating individuals' privacy rights by providing addresses, phone numbers, relatives' names, and more through the data being sold to Immigration and Customs Enforcement (ICE).[70]
In November 2019, several legal scholars and human rights activists called on LexisNexis to cease work with U.S. Immigration and Customs Enforcement because their work directly contributes to the deportation of undocumented migrants.[71]
Allegations of violating EU privacy legislation[edit]
LexisNexis has been accused of violating the General Data Protection Regulation (GDPR) by collecting and storing personal data of European citizens without their explicit consent. The accusation was made by NOYB, a European privacy advocacy group, which filed a complaint with the Irish Data Protection Commission (DPC), the lead supervisory authority for LexisNexis in the European Union. NOYB alleges that LexisNexis collects personal data of European citizens through its legal research products and services, including Lexis Advance and LexisNexis® Academic. This data includes names, addresses, email addresses, and IP addresses.
NOYB also alleges that LexisNexis does not provide European citizens with an opportunity to opt out of the collection and storage of their personal data. This is a violation of the GDPR, which requires companies to obtain consent from individuals before collecting and storing their personal data.
In response to the complaint, LexisNexis has said that it is committed to complying with the GDPR and that it is currently reviewing its data collection and processing practices.
The DPC is currently investigating the complaint and has not yet issued a decision. If the DPC finds that LexisNexis has violated the GDPR, it could impose a fine of up to €20 million or 4% of the company's global annual turnover, whichever is greater.
Violation of Daniel's Law[edit]
On March 4, 2024, two anonymous plaintiffs in New Jersey filed a class-action lawsuit against LexisNexis, stating that they violated Daniel's Law.[73][74] In New Jersey, Daniel's Law includes a clause requiring that if websites have published certain personal information regarding certain government officials, and a request to take it down by an authorized party is issued, such a request must be honored.[75] The lawsuit represents over 18,000 individuals, and alleges that not only were such requests not honored, but those who filed requests were punished by LexisNexis, who "campaign[ed] to freeze the credit reports of Plaintiffs and others", and incorrectly reported them as victims of identity theft. Furthermore, additional allegations state that LexisNexis published "comprehensive reports on other family members (including minor children as young as 13 years old)", and that as of the time of the lawsuit, none of the attempts to have LexisNexis unfreeze the credit reports have been honored.[73]
Privacy Class Action Lawsuit[edit]
On April 17, 2024, a privacy class action lawsuit was filed against LexisNexis over its use of personally identifiable information. The lawsuit was filed in behalf of residents of at least California and Illinois.[76] The complaint claims that LexisNexis did so without plaintiffs' authorization in order to promote its Lexis Personal Records Products.
Other privacy cases[edit]
LexisNexis has been in the news for a number of data privacy issues. In 2023, the company was fined €100,000 by the French data protection authority, CNIL, for failing to properly inform individuals about how their data was being used. The CNIL found that LexisNexis had not provided clear and concise information about its data collection and processing practices, and that it had not obtained the necessary consent from individuals to use their data.
LexisNexis has also been criticized for its use of facial recognition technology. In 2022, the company was sued by a group of privacy advocates who alleged that it was illegally using facial recognition technology to scan images of people without their consent. LexisNexis has denied the allegations; the case is still pending.
The company has also been accused of collecting and storing excessive amounts of data about individuals. In 2021, a report by the Norwegian Consumer Council found that LexisNexis had collected data on millions of people, including their names, addresses, phone numbers, and social media activity. The report also found that LexisNexis was sharing this data with third-party companies without the knowledge or consent of the individuals involved.