It's relatively inexpensive for these companies to stay out of regulatory purview, at the cost of a few hundred thousand dollars each election cycle.<p><a href="https://www.fec.gov/data/receipts/?data_type=processed&contributor_name=equifax&max_date=12%2F31%2F2022" rel="nofollow">https://www.fec.gov/data/receipts/?data_type=processed&contr...</a>
Because in lending you need to rely on a data source to provide information about repayment behaviour, sanctions, fraud flags, outstanding loan volumes, historical loan volumes, etc in a neutral, reliable, verified, and consistent manner.<p>While in theory it's possible to calculate a credit score, the complexity of the reports these companies provide go much deeper.<p>Further, these companies operate across jurisdictions allowing for cross-border activities and economies of scale for MNC's.
CRAs maintain consumer credit scores which support consumer borrowing and lending - a large part of the US financial system. Experian could have (and perhaps should have) been disbanded after their data breach, but if you disband the category, who or what replaces it to track consumer creditworthiness?<p>Beyond credit scores, there's been a proliferation of "Know Your Customer" (KYC) requirements to reduce fraud and money laundering. The most common form of KYC is called "Knowledge Based Authentication" (KBA). This is when they ask you a series of multiple choice questions about previous addresses, schools, and employers. You usually have to get 4 out of 5 right to "pass". I paid cash for a new car from a Jeep dealership - before they'd complete the transaction, I had to pass KBA from Experian. I believe it was a state law that imposed the requirement.<p>I don't think it's practical to argue for the extinction of CRAs as a category. I do think it's practical to give consumers more control over their data - what is stored and where it goes. I've been tinkering on solutions for this, as have quite a few others in the data privacy community as well.
I understand why they exist, but they should be opt-in in my opinion.<p>example #1 : a teenager starting his first job should not have his data shared by default (it is useless for him and increase(I think) the risk that his identity gets stolen)<p>example #2 : when you go to a lender, he could say, yeah, we check with equifax, maybe you want to opt-in with them.<p>The fact that they are unavoidable are the problem in my opinion. It creates a kind of monopoly. If it was opt-in, maybe we would see more alternatives companies offering the same kind of service with better security and customer service.<p>P.S : There is an error in my file and I never bother to fix it, I never lived there, it is clearly a fraud attempt and this is their error, not mine to fix.<p>P.P.S : not an expert on the topic and maybe I am missing out on important details
incredible as it may seem to say, data security is a secondary concern vs the very concept of these businesses, which exercise enormous and often malign influence over the lives of citizens. Take together, the are in effect a privatised 'social credit' system which can stop you from getting a home, a car, a job, any kind of insurance, effectively cutting you off from healthcare and the rest. They are instruments of oppression, their private status providing US Gov moral cover and the permission to still claim 'land of the free'
First, Why they exist:<p>Banks share data with these services, so that all banks can mitigate risk.<p>Effectively, with all the banks providing information about their customers they can determine “future credit worthiness”.<p>It’s gone a bit further now and merchants can report you not paying and banks encourage every more data collection.<p>Banks that didn’t / don’t do this kinda of background check are actually breaking the law (KYC - “know your customer” - at least since 9/11, possibly before). As you could be providing funds to a terrorist (and that’s highly illegal).<p>To summarize, through regulation the government has strongly encouraged if not outright required these firms to exist.<p>To answer they question why haven’t disbanded them, well we don’t have the means to. Banks fund / elect politicians and if you step out of line (as kanye west did recently), they’ll debank and “cancel” you. Some politicians will push back on this; but it is rare and most have independent support (base, external large donor, ete)
These behemoths are a major vertebrae in the backbone of the US economy. Without Equifax, Transunion, Experian and Dun & Bradstreet a huge portion of economic activity would come to a grinding halt. The vast majority of sales of housing, cars, computers, phones, hot tubs, etc. are all reliant on on-demand credit scoring. We have made serious strides in regulating them, but disbanding them would be a financial disaster. Regulation has actually made the problem a bit worse since it has essentially turned the credit reporting industry into an oligopoly, further centralizing consumer data collection so attackers only have to hit a single target to get almost everything.
To get an overview of these (toxic IMHO) companies, I strongly recommend this episode of Last Week Tonight:<p><a href="https://m.youtube.com/watch?v=wqn3gR1WTcA" rel="nofollow">https://m.youtube.com/watch?v=wqn3gR1WTcA</a>
It’s actually quite amazing that we got the Fair Credit Reporting Act. It has real teeth. The only similar thing in the last 15 years was Dodd Frank and the CFPB. Something like the FCRA for privacy would be amazing.
The idea of government doing this is laughable.<p>Not on principle, but on reality. They’d be slow to get started, and change would take forever (short of legislation).<p>These companies exist to serve legitimate needs in the various industries they serve (as yuck as that statement may be) and have hundreds of years of experience judging people.<p>Yeah it sucks, but what’s the solution? Rely on people’s “feelings” about other people?<p>You’d bring back community bank managers in a heartbeat if you did that!
I think something like the FICO system is probably necessary in an economy that runs on unsecured credit. If the government ran it they'd just outsource it to the same kind of contractors who built the original broken healhcare.gov and the result would be even worse than what we have now.<p>The rest of it like WorkNumber and TLO is really bad but it's exactly what you get in a neoliberal economy with very little privacy protection.
I prefer the alternative: let's put an end to misusing these "most private data". Stop using them as secret keys that you should never share with anyone (except that you are also routinely asked to share your SSN on paper, over fax, through random company portals, and if it ever gets leaked it's your problem.<p>Let's stop using identification keys as authorization keys.
What do you replace them with? Lots of businesses depend on them.<p>How much does anyone care? Most people freely give much more intimate information to other companies.<p>How much will those billion dollar companies spend to survive?
It's not your data. It's the Banks data about you.<p>Do you have private notes about people you've met? Same thing happens with banks. Banks keep notes on how much you repay loans, how many loans you have, etc. Etc.<p>And the fact is, this data is very reliable. Prime Mortgages are paid back reliably. Subprime mortgages are not.<p>--------<p>If you are on the other side of the trade: deciding on which MBS to buy to secure your retirement income off of, you will be relying upon these statistics to keep your money safe.