New legislation has been introduced in the Senate that would keep credit reporting agencies from charging consumers for freezing their credit. Senators Elizabeth Warren (D-MA) and Brian Schatz (D-HI) introduced the Freedom from Equifax Exploitation (FREE) Act in response to the Equifax data breach that left Social Security numbers and other personal data of 143 million people vulnerable.
Along with making credit freezes free, the bill would also:
- Require those credit reporting agencies to refund any charge for a credit freeze following the Equifax breach.
- Create a federally mandated requirement to credit reporting agencies to offer consumers a credit freeze or credit freeze removal.
- Prohibit credit reporting agencies from selling consumers’ personal data to marketing companies when credit is frozen.
- Allow consumers to request that a fraud alert be included in their credit file if they have the suspicion that the unauthorized disclosure of their personal identifying information harmed them, and extend the alert period from 90 days to one year, and can be renewed for an additional year.
- Give consumers the ability to get 2 free credit reports each year instead of one.
Senator Warren had this to say, “Credit reporting agencies like Equifax make billions of dollars collecting and selling personal data about consumers without their consent, and then make consumers pay if they want to stop the sharing of their own data. Our bill gives consumers more control over their own personal data and prohibits companies like Equifax from charging consumers for freezing and unfreezing access to their credit files. Passing this bill is a first step toward reforming the broken credit reporting industry.”
She is also launching investigations into the credit reporting companies Equifax, TransUnion, and Experian. In her letter to Equifax, she criticized the company for its initial response to the breach, saying it took too long to announce the breach and didn’t provide enough clarity about what happened. She also demanded answers to questions within 2 weeks including how many and what types of records were accessed.
Warren sent letters to the Federal Trade Commission and Consumer Financial Protection Bureau wanting to know what obligations credit reporting agencies have in reporting breaches to these agencies and the number of complaints they’ve received about the breaches. Further, she sent a letter to the Government Accountability Office asking for a review of the Equifax breach seeking information on current regulatory structure governing credit reporting agencies and consumer rights with respect to dealing with credit reporting agencies.
Preventing Social Security Identity Theft
Along the same lines as above, President Trump signed a bill into law on September 15, 2017, that combats identity theft by placing restrictions on when and how federal agencies can mail documents with visible Social Security numbers.
The Social Security Number Fraud Prevention Act of 2017 (H.R. 624) restricts federal agencies from publishing individuals Social Security numbers on documents sent by mail unless agency heads determine it to be necessary. This new law says regulations should include instructions for partial redaction of Social Security numbers on mail documents and that they can’t be visible on the outside of mailed packages.
Agency leaders should issue these regulations within 5 years of the enactment of the legislation.