Published: 6/15/2018 10:09:52 PM
Modified: 6/18/2018 11:55:35 AM
When it comes to dealing with huge, data-driven operations like credit bureaus, Americans need to understand that they are not regarded as customers to be served. They — and the intimate details of their financial and personal lives — are commodities to be bought and sold. It’s a pretty good business, at least for the three leading credit bureaus — Equifax, Experian and TransUnion — which are hugely profitable, each recording billions in annual sales and raking in yearly profits in the hundreds of millions.
For consumers, however, it’s not all beer and skittles. From error-ridden credit reports to the deceptive marketing of “educational credit scores” to the massive data breaches that have put tens of millions of Americans at risk, the credit bureaus have proven themselves not only untrustworthy, but often incompetent. Their wealth, however, has allowed them to join forces with other members of the financial services sector to defend their positions of power by, for example, lobbying like-minded politicians to engineer the systematic dismantling of the Consumer Financial Protection Bureau.
In the face of all that money and political influence, many Americans — even those whose names, Social Security numbers, birth dates and credit card information were compromised in September’s Equifax data breach — just shrug. Seriously, wadaya gonna do?
Well, if you’re a self-described “civics nerd” from Randolph, the answer is: Sue ’em.
Jessamyn West, a librarian at the Randolph Technical Career Center who is also a privacy and online security activist, learned that her information had been compromised in the Equifax data breach at the same time that she was dealing with the details of her late mother’s estate. As she explained to staff writer Rob Wolfe in October, she imagined what her mother might have said: “They shouldn’t get away with this,” she told Wolfe. “People should get up and do something.”
And so she did.
Shortly after being notified of the breach — which affected nearly 150 million Americans, one of the largest such data security failures in history — West spent $90 to file a small-claims case against Equifax in the Orange County Courthouse in Chelsea. On June 4, Judge Bernard Lewis ruled in her favor. He ordered Equifax to pay her $600 to cover two years of online identity protection, along with the $90 filing fee.
Chalk one up for the little guy — or, as she described herself to staff writer Matt Hongoltz-Hetling, “the microscopic, can’t-even-see-me, speck of dust guy.”
But here’s the thing about specks of dust: Get enough of them together and you’ve got a landslide. As Hongoltz-Hetling reported, Equifax is now the target of a growing number of class-action lawsuits and small claims court cases, and a California college student has even created an online application to ease the process of filing a claim against the company. And just last month, a new law in response to the Equifax breach took effect in Vermont that regulates those who buy and sell personal information. That measure — the first such state law in the nation — has attracted the attention of lawmakers in other states.
There’s much more to be done to hold the credit reporting industry and other data brokers accountable. But Jessamyn West and the state of Vermont have shown us a path forward. Perhaps when faced with the specter of settling 150 million small claims lawsuits and complying with an avalanche of new state laws, companies like Equifax that profit off our personal information will decide that their money would be better spent on improving their abominable security standards.