In early September, my personal information - Social Security number, birthdate, address - and that of 143 million other users, was compromised in the Equifax security breach. This has been the icing on a very frustrating cake as I have wrestled with credit for months since moving back to the U.S.
I grew up in France, where I don’t know anyone who uses a credit card and the concept of a credit score is totally alien. Debit cards are just called “bank cards,” for which you are charged a yearly fee that provides fraud and identity theft protection. If you apply for a loan or a lease, you just need to prove you’re good for it - with documents like six months of bank statements, at least three months of pay stubs, your income tax assessment from the previous year, and perhaps a guarantor or two (the French love a good stack of paper). This can be onerous at times, but then again the only major debt that most French people take on is their mortgage, since most students graduate debt-free. Instead, French households save more than 11 percent of their disposable income, whereas Americans only save about 4 percent.
The best part of the French credit system: the credit reporting agencies of the United States don’t exist.
Since moving back to the United States six months ago, my credit education has been a rude awakening. I have been vexed at every turn by my lack of credit history. Although my parents put me on their U.S. credit account years ago to help me build credit (I am a dual national), I was told I did not have enough recent history when I tried to sign a new lease.
So, I set out to get a credit card of my own. For my first application, I went out for a card with a sign-on bonus and solid rewards, but was turned down because I didn’t have enough debt, like an auto loan or a mortgage. For my second card, with more modest rewards, I was turned down because I had applied for another card too recently (the one for which I was denied). After more than a month of rebuff, I ended up getting a starter credit card through my bank.
To add insult to injury, I’ve only been back in the United States for six months, and I’m already the victim of a large-scale data breach caused by a company that never received (or asked) for my permission to store my personal information. And though just one company failed to protect my information, I have still had to call each of the four major different credit reporting agencies (Equifax, Experian, TransUnion, and newcomer Innovis) to place security freezes on my credit report, paying $5 for each as a Massachusetts resident. Since Equifax has yet to clarify whether or not enrolling in TrustedID Premier, the company’s free credit-monitoring service, would waive my right to enroll in class-action lawsuit, I instead opted for a fraud alert through TransUnion, where I had to create an online account since their phone service can’t process new credit freezes outside of business operating hours. Apparently, I’ll also need to watch out for fake tax returns when the time comes.
This kind of credit horror story probably feels familiar to many Americans, in the wake of the 7,900 data breaches in the U.S. since 2005 that have compromised over a billion records. Unless we stop giving carte blanche to bad credit actors, my personal information will likely be compromised many more times. I can’t imagine getting used to the idea that I as a consumer should have to pay for a third-party’s failings in keeping my personal information safe.
The Equifax scandal provides an opportunity for Americans to demand better. We consumers should be able to control who is seeing our personal information. When our personal information is compromised, it should be the job of the company responsible for the breach to inform consumers directly and provide free access to tools like credit freezes that can protect our identities. And companies should not be able to force consumers to settle complaints through arbitration, as Equifax reportedly attempted to do when it signed consumers up for its credit monitoring service in the wake of the breach. Thankfully, the Consumer Financial Protection Bureau has approved a new rule to prevent financial firms from including clauses in agreements that require customers to settle complaints through arbitration - a rule that should be allowed to come into force.
Between the Equifax breach and the Wells Fargo fake account scandal, it’s more vital than ever that the interests of consumers in the financial industry be protected and that companies be held accountable. Consumers shouldn’t have to pay for a company’s incompetence and deserve stronger protections for their personal information.
Photo by frankieleon/Flickr licensed under CC 2.0.