DATA BREACH AT THE CONSUMER CREDIT REPORTING AGENCY, EQUIFAX HAS EXPOSES THE DATA OF NEARLY 1/2 THE AMERICAN POPULATION.
On Thursday, Equifax announced that the personal information of 143 million Americans — almost ½ the U.S. population — has been compromised after a data breach that exposed sensitive information including social security numbers, driver’s license numbers, and address information. The company said it also appears that credit card numbers and other sensitive credit related information were also exposed for at least a portion of those impacted by the breach.
Equifax is one of the “Big Three” consumer credit reporting agencies, a title shared with Experian and TransUnion. These companies specialize in collecting and selling consumer credit and insurance information, and related analytic data to other business in various industries. The information provided by Equifax and other consumer credit reporting agencies in then utilized by the purchasing business to determine financial status make credit and insurance related decision, and to evaluate risk related to the consumers documented behaviors.
Equifax has taken measures to inform the public and the media of the breach, including a video statement issued by the company’s chair and CEO Richard F. Smith. In that statement, Smith expressed his “disappointment” over the breach, which was discovered on July 29, and was not made public until yesterday.
In addition, as a response to the need to inform consumers impacted by the data breach, Equifax has created a data breach website. According to the company, consumers can check to see if they are one of the 143 million consumers whose data has been impacted.
Since the announcement yesterday, media outlets have directed consumers to the data breach help site step-up by Equifax. While the site has experienced some technical difficulties, Equifax has asked consumers to continue to try the site if they encounter issues.
For those that have been able to access the site, they warn to READ THE FINE PRINT. According to a report in the Washington Post, the website’s terms of service includes legal language that limits consumers’ ability to participate in any class action that may arise from the breach. This is often called an “arbitration clause,” which is meant to cut down on the number of cases moving through the court system, but in reality can strip consumers ability to seek justice when the actions of a large company, like Equifax, has caused them harm.
So as you are checking to see if your personal information was exposed in the Equifax fax data breach, make sure you read the fine print in the Equifax data websites terms of service:
AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.
And then follow the opt-out instructions that Equifax provided in an updated terms of service:
In order to exclude yourself from the arbitration provision, You must notify Equifax in writing within 30 days of the date that You first accept this Agreement on the Site (for Products purchased from Equifax on the Site). …
[You] must include Your name, address, and Equifax User ID, as well as a clear statement that You do not wish to resolve disputes with Equifax through arbitration.
While this requires that you are proactive, it will help protect yourself from the impact of the arbitration provision in the websites terms of service.
You should also check your other contracts and service agreements. Arbitration Provisions like those used by Equifax are very common. According to the Consumer Financial Protection Bureau, a government agency dedicated to protecting consumer rights Arbitration Provision do more harm to consumers than good. In response to the harm consumers suffer as a result of service agreements and contract that include arbitration clauses, the CFPB recently issued a rule that prohibited them from being included in certain banking and payday lending contracts and agreements.
The new rule, which takes effect March 19, 2018, is not retroactive, so it does not cover those effected by the Equifax Breach, but it could very well affect you.
Unfortunately, the consumer protections offered by the rule may not be here long. As soon as the CFPB announced the rule member of the U.S. House voted to repeal it. A vote from Senate is needed to complete the final repeal.
A repeal of the rule would grant personhood to banks and corporation meaning that the rights of an entity have once again trumped the rights of individuals.
LINKS AND SOURCES