The Rio de Janeiro State Court of Appeals overturned a lower court ruling and dismissed the bank's liability in a fraud case involving a payroll-deductible loan taken out without the account holder's consent. The plaintiff claimed to have been the victim of a scam after receiving phone calls and allowing third parties to visit his home to photograph documents and collect signatures, believing it was a legitimate promotion.
The lower court had ordered the bank to cancel the contract, provide double reimbursement of the deducted amounts, and pay moral damages. However, the appellate court found that the fraud was only possible due to the spontaneous provision of personal data by the customer himself, with no indication that the transaction deviated from the account holder's banking profile.
The ruling emphasized that, in order to hold a financial institution liable for a data breach that facilitates scams, it is necessary to prove that the source of the leak was the bank's own system. In the case analyzed, the consumer's conduct, by failing to exercise minimum caution, was considered the determining factor in the completion of the fraud, breaking the causal link between the damage and the banking activity.
Based on these grounds, the court granted the bank's appeal, dismissed the plaintiff's claims, and reversed the allocation of litigation costs, including attorney's fees.
This post was summarized from the original court decision using AI, with human review.
TJRJ/AC No. 0818183-79.2022.8.19.0205