Even as millions of consumers grapple with fallout from the Equifax data breach, Republican lawmakers are quietly backing legislation to deregulate credit agencies and make them even less accountable for wrongdoing.
Bills are pending in Congress to limit class-action damages for violations of the Fair Credit Reporting Act and to give credit agencies more latitude in profiting from identity theft protection products.
The legislation is part of sweeping efforts by Republican lawmakers to reduce oversight of banks and other financial-services firms, and to cripple or eliminate the Consumer Financial Protection Bureau, which has notched a successful track record of holding industry players accountable for unfair and illegal practices.
Democrats, for their part, introduced a bill Friday — the Freedom from Equifax Exploitation Act — that would require credit agencies to allow people to freeze and unfreeze their files at no cost, and that calls upon the CFPB to play a greater role in overseeing the companies.
Consumer advocates say the Equifax breach should serve as a wake-up call for Americans that the three leading credit agencies — Equifax, Experian and TransUnion — are focused primarily on earning cash from people’s personal information, not keeping such information under lock and key.
“Consumers are not customers of these companies — they’re commodities,” said Chi Chi Wu, a staff attorney with the National Consumer Law Center. “We have no say over what they do with our data.”
Ironically, the Republicans’ credit agency bills came up for a hearing this month by the House Financial Services Committee on the same day Equifax revealed that hackers may have gained access to the credit files of 143 million people.
Equifax’s shocking announcement was followed by reports that senior execs sold off shares in the company before the breach was made public and that consumers might not be able to sue because of an arbitration clause in Equifax’s terms of service.
The company subsequently clarified that the arbitration provision applied only to its credit monitoring, not the security breach. It then waived the arbitration clause in its entirety. Meanwhile, it was reported Monday that federal authorities are investigating the stock sales as possible insider trading.
Rep. Blaine Luetkemeyer (R-Mo.), who chaired the recent hearing by the Financial Institutions and Consumer Credit subcommittee, said the bills would “streamline regulatory requirements and eliminate inefficiencies” for credit agencies.
“The legislation discussed in the subcommittee today will better allow financial companies to serve their customers,” he declared.
Not really. What the legislation would do is reward credit agencies with greater regulatory elbow room and diminished accountability for screw-ups.
The FCRA Liability Harmonization Act is particularly noxious. Authored by Rep. Barry Loudermilk (R-Ga.), the bill would cap actual and statutory damages for class actions involving credit agencies at $500,000, and completely eliminate punitive damages.
Loudermilk said Friday that his bill “is aimed at curbing frivolous class action lawsuits against businesses under the Fair Credit Reporting Act,” which contains many of the rules for credit agencies.
When he introduced the legislation in May, he said that “a small technical error, turned into a lawsuit, can affect everyone in a business, including employees, customers and vendors.”
What Loudermilk ignores, however, is that a “small technical error” by a credit agency can have disastrous consequences for consumers — particularly if the agency, as is so often the case, shows little interest in fixing things.
Take the case of Oregon resident Julie Miller, who said she repeatedly reached out to Equifax from 2009 to 2011 to correct errors in her credit report. They included accounts she never opened, uncollected debts she never ran up and even a Social Security number that wasn’t hers.
Atlanta-based Equifax apparently had merged Miller’s file with that of another woman with the same name and a similar Social Security number. Yet the company shrugged off Miller’s complaints.
In 2013, a jury awarded Miller $180,000 in compensatory damages and a whopping $18.4 million in punitive damages, reflecting a sense among outraged jurors that Equifax just couldn’t be bothered to help a distressed consumer.
A federal judge subsequently reduced the amount of punitive damages to $1.62 million, citing the precedent of earlier cases. Nevertheless, U.S. District Court Judge Anna J. Brown ruled that Equifax “engaged in reprehensible conduct.”
Under Loudermilk’s bill, Miller’s compensation would have been limited to the $180,000 in compensatory damages, with no punitive damages possible.
The second bill under consideration by the House is the Credit Services Protection Act, introduced by California’s Ed Royce (R-Fullerton). This one isn’t as shameless as Loudermilk’s legislation but nevertheless contains pitfalls for consumers.
The bill would undercut an existing law known as the Credit Repair Organizations Act, intended to prevent so-called credit repair firms from fleecing consumers with exaggerated promises of being able to boost a sagging credit score.
Among other things, the Credit Repair Organizations Act prevents such firms from demanding advance payments before rendering a service.
Royce’s legislation would exempt credit agencies from the act and allow them to demand payment upfront. They’d also be able to keep “reasonable value for services” even if the consumer cancels within three days.
In other words, a credit agency could still pocket a consumer’s cash just for having opened a file in that person’s name.