For about two months this summer, hackers snooped around the computer systems of Equifax, one of the three major credit reporting bureaus, obtaining nearly half the U.S. population’s names, dates of birth, addresses and social security numbers. It only announced this a couple of weeks ago, so that social security number that you memorized while filling out your FAFSA has probably been floating around on the dark web for a while now, ready for someone to buy a car in your name.
But, you may think, ‘I’m only a broke college student! I have almost no financial activity!’
Almost is the key word in that sentence. Equifax and its fellow cartel bandits, Experian and TransUnion have your credit data sitting somewhere in their servers. Unfortunately, they are what Rohit Chopra, a former assistant director at the Consumer Financial Protection Bureau, calls “the plumbing of our financial system.” The trio makes its living finding data about you, then reselling that data to marketers and loan sellers. Creditors depend on the cartel to formulate credit scores that are supposed to suggest your financial trustworthiness.
You may not have asked for an institution you’ve never heard of to keep your most private information, but it does. It was in the fine print of the social contract you never signed. It’s a cost of being alive, really.
It doesn’t need to be though. This isn’t a problem of foolish consumers giving away their information to phishing scammers. Rather, this privacy and financial diarrhea on the everyday American is a symptom of the free reign the government has given financial institutions like Equifax.
This wasn’t even Equifax’s first data breach. In May 2016, the company leaked 430,000 names, addresses and social security numbers to hackers. Equifax then settled a lawsuit about the breach and promised to fix its security. In early 2017, the company went through another data breach, perpetrated by the same hackers as the summer 2017 breach.The former CEO’s testimony to Congress revealed that the sensitive data hackers stole wasn’t even encrypted, either.
Equifax demonstrated time after time that it had no regard for the people whose data it holds. If one wants to freeze their data at Equifax — the only way to prevent unauthorized credit access — then they would have to pay Equifax a fee every time they wanted to freeze and thaw their account. Additionally, Equifax’s stolen data could be used at other credit bureaus, meaning that you would have to pay two other companies to lock your credit, too. Another bureau, TransUnion started offering “credit protection.” Interestingly, registering for this “protection” would sign away your legal right to sue. It had no shame in peddling to anxious people who had spent a lifetime building their credit scores a “solution” that would bind their hands.
This Equifax mess is just a symbol of what is happening in the broader economy. The enforcement of data privacy is the Federal Trade Commission’s responsibility. Yet, the institution is limited in the size of fines it can impose on companies. With such small fines, there is little incentive for companies to improve their cybersecurity. While we have this wave of bipartisan Equifax criticism, legislation action to impose higher data privacy standards is a must.
Americans should not have to pay for the greedy irresponsibility of its corporations. If America really wants to give a hand to its hardworking citizens, it must take its hands out of the financial industry’s pants and get to work creating concrete regulations that will protect Americans.
