 | | I got my $5.21 check too. For those who don’t remember, the original settlement for the 2017 data breach was supposed to be $125. But they had “unexpected response” so the final settlement ended up being about 4% of that. It’s kind of an insulting payment after Equifax leaked names, Social Security numbers, birth dates, addresses, and some drivers license and credit card numbers. Info on the original settlement: https://arstechnica.com/tech-policy/2019/07/you-can-go-claim… |
|
| | Yea, when I read that the claim group had ballooned I changed my ‘compensation’ to be 5 years of their crap service for identity theft monitoring. I figured that was worth more than $5… though it is debatable. |
|
| | Of course, that’s really 5 years of Experian trying to upsell you to their paid (out of pocket) services. Why can’t I set it to email me only if there’s a change? Why does it need to send me email every month? |
|
|
|
| | Strange, I got $22.82. I was honestly expecting around $5 but I’m not complaining. I’m not sure what I did differently. |
|
|
|
| | That’s about what I got. I remember there were a few different avenues to get different types of compensation. One was reimbursement for any costs incurred because of the breach. I had bought some identity theft insurance at some point after the breach so I claimed that. As well as some other stuff, maybe a credit karma thing. They sent all kinds of requests for information after that trying to disqualify any and all claims, which I don’t think I actually did. But I did end up with a whopping $21. |
|
|
| | Has anyone been able to show damages? I get the fury at Equifax. I personally refuse to unfreeze their reports. But it’s looking increasingly like a leak that was shocking but moderately harmful at worst. |
|
| | Has any leak ever resulted in someone saying they could clearly id damages from a specific leak and then get compensation from the company who leaked it? We aren’t even told when a government entity looks at and uses our private information. How in the world would we know when a criminal does, and how would we be able to say they looked at that specific leak instead of one of the other 10 possible sources of my leaked private information? Maybe it is time to pool the damages of all identity thefts together, (about 56 billion in 2021) and split the bill (+ maintenance and administrative costs for managing the money) across all businesses that have leaked private data. That money could be used as a resource to all identity thefts victims to be made whole. |
|
| | > time to pool the damages of all identity thefts together You can’t pool something you haven’t measured. This is a genuine question. I had thought we’d have demonstrated liability by now. |
|
| | As far as I’m concerned, every single act of identity theft that occurred after the breach where at least one piece of data leaked in the breach was used, are damages. Sure, it might have happened anyway, but it doesn’t really matter which illicit source they got it from it was available anyway. Just like in an assault/homicide case, if a victim has a heart attack and dies soon after you assaulted them, you can’t prove that the attack led to the heart attack. Could just be bad timing. But most courts and juries would likely find the assaulter guilty to some extent. |
|
| | I had someone walk up to the ATT counter at a Walmart in Arkansas and purchase two brand new iPhones, transferring my SIM ID and deactivating my phone on a Sunday afternoon. Fortunately I noticed immediately and cancelled the SIM to prevent MFA issues with banks and whatnot. In order to do what they did, they needed to show a fake Driver’s License with all of my exact information, and I have an extremely common surname. I cannot prove it was due to the breach but given the timing and my surname it seems likely. As it happens, ATT paid for the phones, I suffered some minor inconvenience but it could have been much worse. I’m a bit surprised ATT hasn’t gone after them legally, because they were likely the financial victim in many similar schemes, but perhaps they have insurance for this sort of thing. |
|
| | I got a fraudulent tax filing that year, as did my sister and several of my friends. Can we prove it’s due to the leak? Not really. It’s hard to prove something like that. But I’m still very convinced. |
|
| | Yes, I had to freeze my identity and ad a fraud alert and have had to spend time to remove those and had creditors deny me for having them. |
|
|
|
| | Actually, I think the credit monitoring I got was from Experian. Or maybe that was from some other data breach, and I’ve mixed them up… |
|
| | Good thing you can opt out of your data being collected by Equifax, right.. right? Seriously though, how did credit scores come about and was there any resistance at all at the time to peoples’ financial information being collected en mass by private companies? |
|
| | The entirety of modern American society is built on those scores. You want life without it? Go to a developing country and suffer a life of poverty with few avenues to build your credibility – and likewise, few avenues to escape poverty. |
|
| | How else would you do risk management for loans? Without credit bureau where would the loan originator determine the risk of the loan? Would each individual be responsible have to store all payments and receipt of payment and submit that? Or do we just blend the risk with everyone so if you always paid your loans on time, you pay the same rate as someone who has a loan write off and is 3 months behind in loan payments? |
|
| | Here’s how they do it in Belgium: https://finance.yahoo.com/news/belgium-deals-credit-without-…. They have a public credit bureau hosted by the national bank that records all the loans and credit. The data is not for sale to just about any company that is willing to pay for it, the individual has to give permission to share it when they apply for a loan. There isn’t such bullshit as in the US where you practically have to push your student to get a credit card “to start building up a credit score.” The system works well enough that there’s hardly any debate about it. |
|
|
| | >They have a public credit bureau hosted by the national bank that records all the loans and credit. So basically the same as credit bureaus in the US, but it’s a government monopoly? Given how well other government agencies work at least in the US (eg. DMV), I’m skeptical that waving a “government” wand would magically fix stuff. >The data is not for sale to just about any company that is willing to pay for it, the individual has to give permission to share it when they apply for a loan AFAIK that’s also the case in the US. When you open a bank account/apply for a credit card, somewhere buried in the terms and conditions is a consent for a credit check. >There isn’t such bullshit as in the US where you practically have to push your student to get a credit card “to start building up a credit score.” In the US at least, the reason why it’s commonly advised for students (and other young adults) to “build credit” is to build up a history of credit usage and repayments. I don’t see why the same dynamic wouldn’t exist in Belgium. Your own linked article says “Later, it added positive marks as well, allowing “no credit” and “good credit” to be distinguished”, which suggests the same dynamic would exist in Belgium. |
|
| | Firsthand experience: DMV experience comes down to funding. Ohio BMV is basically a pleasure and a joy to visit every time I interacted. Staff was competent, offices were laid out logically, and time to completion was measured in minutes. Texas, on the other hand, funds offices relative to the proportion of tax base in the area (this also disproportionately affects minorities, I’ve seen). Some areas are like the general Ohio BMV. Others one could reasonably point to and say getting an ID there is so difficult that it must be the goal (like voter suppression). At one of these, I waited over 5 hours in line only to find they skipped my number and wouldn’t let me come back. We showed up 1.5 hours before opening and were in the line that wrapped around the block. Wait time after their screwup would have put getting services after closing (i.e. wasn’t happening that day). I got lucky the second day I took off of work to get my license changed. But areas with higher tax base (Hebron area in Carollton, TX, part of Austin, TX, etc.) you get in and out quickly. For government services you get what you pay for when you put appropriate monitoring in place. |
|
| | > Firsthand experience: DMV experience comes down to funding. >you get what you pay for when you put appropriate monitoring in place That’s the problem, isn’t it? Recall my original comment: >I’m skeptical that waving a “government” wand would magically fix stuff. Sure, we might get the Ohio DMV experience, or the Texas DMV experience. It’s not as simple as “nationalize it”, and it turns out swimmingly. Given that such a database would have to be federal, you can expect all the federal level politics (eg. fundings/defundings, gridlock, government shutdowns) that go along with it. |
|
| | I can only speak of Germany, where we have the equifax-like SCHUFA. > somewhere buried in the terms and conditions is a consent for a credit check. That’s luckily not allowed (as many other burial tactics) and has to be very visible and explicit. Though in the end that doesn’t change much because it’s not as if you have a choice (outside of saying no thanks to the whole thing) > which suggests the same dynamic would exist in Belgium. It doesn’t in Germany. If they don’t know you at all (= no contact with the banking system whatsoever), you are rated higher risk, but just having a bank account for some time is enough to have a good score. Until data protection laws came along, they even charged you to see your own data, nowadays at least you get it free once per year. IMO the biggest differences are the lack of having to “build credit”, the incidental lack of an SSN that can be leaked, and the lack of companies allowing someone to wrongly take out a loan in your name and somehow making it your issue instead of theirs. |
|
| | In Belgium, you have National Number which is basically YYMMDD-XXX-CC where YYMMDD is the birth date XXX is the sequence number of a newborn that date or one of the yet unused numbers for foreign-born CC is the mod 97 of 2YYMMDDXXX for those born over 1980 or YYMMDDXXX for the others which means that it is easy to remember and not really a secret, unlike SSN. As a side note, local bank accounts, wire transfer reference numbers, and company numbers also follow the same pattern of 9..10 digits + mod 97. Compared to the Luhn algorithm for checksums used in the rest of ther world, these are a real joy to see and use. With so much fuzz about Estonian digital state, I wonder why Belgium does not get the much deserved praise for implementing the basics just right. |
|
| | The DMV example is a poor one, every interaction I’ve had with their offices were quick, professional and cheap. Compare that to the bureaucracy and scammy nature of of car insurance providers, and it’s a night and day difference. |
|
| | > Or do we just blend the risk with everyone so if you always paid your loans on time, you pay the same rate as someone who has a loan write off and is 3 months behind in loan payments? This is how it works in Denmark for property mortgages. There is security in the house and up to 80% of the house price can be lent. It’s up to the credit institution and bank to decide whether to approve you for the loan based on an expense budget provided by you, pay slips for the past 3 months and the property valuation. Bank provides the contact between you and the credit institution as well as budget vetting, the credit institution sells bonds to investors to raise the money for the mortgage. Risk is spread over the bond series and is carried by the credit institution. We have some of the lowest mortgage rates anywhere. Current 30 year rate is 5%. This is after a huge hike in the last year after having been at 0% or even negative for at least 5 years. So yeah, for large investments like property mortgages with considerable security drop the credit rating and spread the risk across enough people. On average it will be cheaper. |
|
| | Well for starters you could voluntarily submit your repayment history to one of a pool of competitive good-for-the-money record keepers, rather than it being involuntarily hoovered up by a state sponsored oligopoly. |
|
| | That’s basically what you have now – every single reporting agency somewhere in the giant ball of terms and condos states that they’ll report on you to credit burros. You can avoid it by avoiding any of those accounts. Whether that is possible practically is another question. |
|
| | > Whether that is possible practically is another question. Well it’s sort of the key question though right? The incentives of the credit reporting agencies are fundamentally unbalanced because the average consumer has no meaningful input into their behavior. If could practically avoid having my information sent to bad actors they would be incentivized to treat my data with care. This is an example of where good government regulation can be introduced (giving consumers the option to opt out) rather than what I would consider bad government regulation (trying to specify how the companies should behave directly). I believe in the free market but I also understand that there are cases where incentives are incorrectly balanced and we need a neutral party to make sure all incentives are properly accounted for. |
|
| | >If could practically avoid having my information sent to bad actors they would be incentivized to treat my data with care. who are the “bad actors” in this case? Equifax? Whoever equifax sold the information to? Whoever equifax got the information from? >This is an example of where good government regulation can be introduced (giving consumers the option to opt out) rather than what I would consider bad government regulation (trying to specify how the companies should behave directly). As the parent poster has mentioned, you can already “opt out” by not getting a loan. I agree that it’d be nice if some government regulation allowed to you to have your cake (ie. get loans) and eat it too (not have it reported), but there are two obvious problems: 1. One man’s “private information” is another man’s free speech. Why should a company be prevented from making true statements about its business dealings with you? You can leave nasty yelp reviews for businesses that have behaved inappropriately. Why shouldn’t businesses be able to leave nasty credit reviews for individuals that failed to make payments? 2. On more practical level, opting out might put you in a high risk pool. Part of the enforcement mechanism for repaying loans is that if you don’t, your credit gets wrecked and your life becomes harder. If you opted out of credit reporting, that’s one enforcement mechanism that a lender wouldn’t have, and therefore will adjust accordingly. Going back to the yelp analogy, imagine if yelp allowed businesses to opt out of reviews. Would you want to go to such a business, all else being equal? |
|
| | > you can already “opt out” by not getting a loan Just wanted to comment on this to say: This is impossible. The reason why it’s impossible is subtle because it comes from a source you’d not expect: Utility payments (power, gas, water, sewer, cable, internet, satellite, etc.). Utilities are always charged and paid for after they’re delivered, and are thus loans and reported to the credit bureaus. Also, credit bureaus don’t just report on loans/debts. They also report on public proceedings that may or may not have financial consequences. And your employment record is also reported by many company’s HR departments to these same bureaus. So, short of going Ted Kaczynski (and even he had enough of a public presence to probably also have a credit report), you will exist in all of Credit Bureaus’ databases. |
|
|
| | > The incentives of the credit reporting agencies are fundamentally unbalanced because the average consumer has no meaningful input into their behavior. Howso? The lenders are obligated to submit truthful data, and under FCRA you can dispute fraud and incorrect data. And the FICO/Vantage scoring system can be computed from the data, they don’t just spit out a hidden number generated by some ML model. |
|
| | >And the FICO/Vantage scoring system can be computed from the data, they don’t just spit out a hidden number generated by some ML model. AFAIK those models aren’t public. If you search around you’d find some vague factors and aproximate weights, but nowhere near enough data to reproduce the scores yourself. For the typical consumer and company, they’re a black box just like a ML model. |
|
|
| | “Credit rating agencies” =/= “Credit bureau”. If you read your own link, you’d discover that the former refers to companies like “Moody’s Investors Service, Standard & Poor’s, and Fitch Ratings”. Needless to say, those are separate entities from credit bureaus, which are companies like equifax, transunion, and experian. |
|
|
| | The average HN reader isn’t a telepath. If you posted a link about a different subject without any accompanying explanation about why it’s related, and other readers get confused, that’s on you. Your follow up reply makes the same mistake, but it’s worse because it’s obvious that at least one person isn’t seeing the connection, yet you don’t make an effort to provide such an explanation. |
|
| | This is what’s called a ‘contract of adhesion.’ If no part of it is negotiable, I don’t think one party should be able to just endlessly add terms for their own convenience. |
|
| | Switzerland had banking secrecy laws for the longest time (still do to some extent) that prevent this sort of mass collection of payment data. And yet they had a comparable credit / GDP ratio to the US and above the world average [0]. So your claim that one can’t do lending without involuntary mass data collection is empirically false. [0] https://data.worldbank.org/indicator/FS.AST.PRVT.GD.ZS?end=2… |
|
| | One novel method that auto insurers have been experimenting with is voluntarily reporting data that can only help, not hurt. So, for instance, if you install their monitoring device in your vehicle and it shows that you don’t drive in risky ways, you qualify for a discount. If you choose not to volunteer this data, or the data shows that you’re a risky driver, you pay the base rate. Now, is that really “volunteering” the data, or do you end in up roughly the same position as with the credit bureaus, where you need to turn over lots of personal information to get reasonable rates? I think reasonable people can disagree about that. |
|
| | Careful. What seems to really happen is they jack the base rate up a bit, and their threshold for safe driving is “never speed, at all, or use more than 10% throttle or 25% brake” |
|
| | > One novel method that auto insurers have been experimenting with is voluntarily reporting data that can only help, not hurt. So, for instance, if you install their monitoring device in your vehicle and it shows that you don’t drive in risky ways, you qualify for a discount. If you choose not to volunteer this data, or the data shows that you’re a risky driver, you pay the base rate. How is this help, not hurt? Insurers are tightly regulated in most states, and the sum of the premiums for a group can’t be mlre than the losses for that group plus an allowed profit margin. If you give someone else in my group a discount, that’s coming out of my pocket in some form or other. (Of course, if the discount encourages them to drive in a way that reduces losses, that could be money going into my pocket too; either way, I’m not letting them snoop on me, thanks) |
|
| | This works for things like car insurance because most people aren’t driving secretly insured cars they don’t tell other insurers about, and because many of the factors determining your car insurance rate are cited by the state. It could work for loans too, but it’d require creating a state agency which… well, I decided not to post that surely unpopular opinion. |
|
| | We have loan in France, and not credit score. My understanding is that your income and work contracts are inspected, and that banks can see your other loans / lines of credit. The rule of thumb is that your loans payment must not be above 1/3 of your income. To check your income the bank will ask you for a tax document and pay stubs. People buy house and cars, and the country did not start the sub primes crises in 2008. Seems to work well enough. |
|
| | Glad to see it still works like that. There’s also a government-managed register of bad payers (called “interdit bancaire” – literally “forbidden from banking”) for which there’s a lengthy process to get onto that may involve court action – the lenders literally have to take you to court. This means there is a due process to get onto the register, and a simple misunderstanding or fraudulent company can’t ruin your credit (unless they want to lie to a government official and potentially to a court). |
|
| | Someone else’s on-time mortgage payments were reported on my credit score for years after I turned 18. I ended up with amazing credit for it. These companies can’t even keep track of what they’re purportedly supposed to keep track of, why should they continue to exist as they do today? |
|
| | I’ve had the opposite experience sort of. A company sold my home loan off as-is common and failed to close the account. They reported me as delinquent to the credit bureau. So I did the thing you are supposed to do, repeatedly contacting mortgage loan fools to inform them my account is in good standing (took three times) and of course filing a dispute with the credit bureaus. After having a credit score north of 700 for over a decade that was at 780 at its peak, my score dropped to around 600. I was horrified. It’s been a year and it still hasn’t recovered and is currently around 700 through no fault of my own. The only debt I’ve had since 2018 is home loans. Fuck them all. |
|
| | That should be criminal, or at least have some civil liability because I’m pretty sure you’d be able to prove damages. Insane that there’s little to no recourse for this at all, and that none of the parties responsible for such an error will be held responsible for them. |
|
| | I’ve had a few lucky mistakes in my credit favor, but nothing like that! It shouldn’t be surprising that you take such a principled position in light of that, but it is. Good show. |
|
| | I figure it could have just as easily been a mistake that wasn’t in my favor that I’d have to spend years sorting out to my detriment. |
|
| | I like the current model of risk management, but the problem is that if a bank is defrauded by someone pretending to be you, you’re on the hook. That is, the credit bureau doesn’t do a good enough job verifying identity. |
|
| | And it’s completely ridiculous that that isn’t entirely the bank’s problem and you should be able to sue the credit agency for libel. |
|
| | It’s because they call it identity theft. It’s not the bank getting defrauded but you having your identity stolen. Someone steals $1000 from a bank, they come to you and say hi he said his name was kmonsen so we would like to get the money back from you. |
|
| | >That is, the credit bureau doesn’t do a good enough job verifying identity. Credit bureaus routinely report false information and defame people based on false/unverified information that they don’t even attempt to properly vet. If some random person called me on the phone and reported that you were a sex offender, and I dutifully repeated that to every job you applied for, every apartment you tried to rent and anyone else who asked me, I would be guilty of defaming you and responsible for damages. It should be no different for so-called credit reporting agencies. |
|
| | The problem is in the US they’re not ‘credit bureaus’. They’re largely unregulated and unaccountable for-profit private corporations. Couldn’t buy a home or had to pay higher interest rates because one of these private credit reporting companies had inaccurate information on your credit report? Well sucks to be you and the credit reporting company is in no way liable for your loss. The fact that Experian, one of the ‘big three’ credit reporting corporations in the US, is offering to boost your credit score if you install their app is a damning indictment of how misguided and contrived the US credit rating system is. |
|
| | > How else would you do risk management for loans? Government-run credit-bureau, like Thailand’s National Credit Bureau (NCB), that isn’t trying to make a buck. Bank of Thailand (who are behind NCB) is also responsible for Prompt Pay, which is a most-excellent and ubiquitous QR-code and cell-number based instant payment system. American retail banking appears to have been screwed hard by “leaving it to the markets”, where government intervention and threats have given us Faster Payments (UK), SEPA Instant (EU), Prompt Pay (TH) etc |
|
|
| | >American retail banking appears to have been screwed hard by “leaving it to the markets”, where government intervention and threats have given us Faster Payments (UK), SEPA Instant (EU), Prompt Pay (TH) etc Looking at this comparison table[1], it seems like the options in the US (Zelle and RTP) arrived in similar timeframes to RT1 in the EU? [1] https://en.wikipedia.org/wiki/Instant_payment |
|
| | Why am I still receiving ACH and e-check payments from my clients then? Genuinely, I don’t know the answer to this — maybe the US account Wise provides me with is limited? Additionally, every time a Bitcoin maximalist shows up, if they’re American they’ll tout “fast, cheap payments!” and “right, but what if you wanted to make a transfer to a different bank AND on a weekend?!” as benefits, which are the benefits much of the developed world already has and doesn’t think twice about any more. |
|
| | To add, the quick payment interface of India, UPI. Unified Payment Interface. Central Bank defined the rules. Every bank follows it. Money still gets settled as regular in behind the scenes, but on front end, customer sees money moving instantly, no fees. Money moves between super verified accounts or customers only. |
|
| | You can always just keep information about ppl that don’t pay their loans, instead of keeping information about ppl who did nothing wrong.
This system is hellish. |
|
| | you _could_ do it Plaid-style, where you consent to share your history (either raw transactions and liabilities to run through a model, or a pre-calculated score) with a potential creditor. That would solve the formal consent problem. But the essence of it is the same: unfortunately, you have to furnish your verified history to every creditor rando if you want their money. |
|
| | Also, they can’t really verify what you give them. Income verification is already “hopefully they aren’t lying” for low-risk credit cards and “we have to call their employer to verify this income” for high-risk loans like housing loans. Verifying this amongst dozens of auto loan departments and credit card operations, likely with different hours of operation, would be extremely labor intensive which is why everyone gets to pull applicant credit history from a central database to determine creditworthiness if they also contribute to that database. |
|
| | You’d have loans that tie back to physical objects that can be repossessed – and the down payments would be large. And if someone fraudulently defaulted you’d pursue criminal charges. It’s totally workable but it would cut consumer spending considerably. You could even still do credit cards – just require them to be backed by the amount in cash. |
|
| | This is basically how things used to work. The drawback is that young people with no credit can’t build credit easily. You’d be disproportionately favoring those familial lineages with assets and losing out on a huge potential customer pool. With better centralized data it’s possible to having something of a win-win where banks get more customers and people can bootstrap their own lending reputation without having the last name “Jones”. Of course there’s the tradeoff that you have to trust an institution to be a good steward of that data… |
|
| | What would be the negative effects of that drawback? Higher wealth inequality? Increasing age for first time home buyers? The ability to build credit isn’t actually an advantage in and of itself. In most other lines of business, if the business tried to point to “we’ve given you more opportunities to prove yourself a worthy customer” as a perk we’d laugh at them. |
|
| | By having a local banker who makes risk assessments based on your reputation in the community and history with his bank. Neither are perfect, I prefer privacy but I don’t know what is the socially optimal way to protect privacy and promote investment |
|
|
|
|
| | > How else would you do risk management for loans? Gee, I wish there was a method for two counterparties to record a transaction publicly and pseudo anonymously so that one might be able to display a mathematical proof of satisfactory fulfillment (or not) of an agreement.
Well, that’s just crazy talk |
|
|
| | > How else would you do risk management for loans? Without credit bureau where would the loan originator determine the risk of the loan? Would each individual be responsible have to store all payments and receipt of payment and submit that? You act like this is ridiculous but the fact of the matter is that I would prefer that, because ultimately the difference agency in this situation I provide the lender my information that I control, in any other scenario my agency has been taken away by an outside group, whom I may or may not trust. Hell imagine how different everything would be if instead of the Credit Unions working for the lenders I instead paid for a service myself that performed this service for me. The difference being one is done to me the other is done by me. |
|
| | > You act like this is ridiculous but the fact of the matter is that I would prefer that, because ultimately the difference agency in this situation I provide the lender my information that I control, in any other scenario my agency has been taken away by an outside group, whom I may or may not trust. This wouldn’t work, because borrowers would only present receipts for credit they repaid on time while withholding information about lines of credit they failed to repay. The point of credit history is that it exposes your past payments or failure to repay. It’s not an equivalent system if borrowers can just conveniently forget to mention the other loans they didn’t repay |
|
| | > It’s not an equivalent system if borrowers can just conveniently forget to mention the other loans they didn’t repay Which is, of course, what we currently have, except it’s the businesses who are able to “conveniently forget to mention” instead of the borrowers. I pay myriad bills on time and in full every month, but only three of them–all loans–report my positive payment history to credit bureaus. Yet all of them, from mobile phone providers to landlords to utilities to insurance companies, insisted on being able to look at that payment history. They get the benefit of being able to evaluate me on an incomplete set of data; why shouldn’t I get the return? (The answer as always is that we don’t have any leverage. Simply saying “well, then don’t use those companies” is a non-answer when every company does it the same way and all of them lobby government to keep it that way.) |
|
| | >Which is, of course, what we currently have, except it’s the businesses who are able to “conveniently forget to mention” instead of the borrowers. >I pay myriad bills on time and in full every month, but only three of them–all loans–report my positive payment history to credit bureaus Okay, but the reason for that seems to be due to practicality reasons rather than some sort of concerted effort to oppress consumers. The types of accounts that do get reported to credit agencies (off the top of my head: credit cards, student/car/personal loans, mortgages) have one thing in common: they all have high dollar amounts in at least one of: monthly payment, total owed, and available credit. Being able to stay on top of payments and/or not get into debt spiral provides a much stronger signal about your credit worthiness than you being able to afford the $100/month electric bill. Therefore, bills typically don’t get reported, and presumably that’s factored in the credit models. After all, the bills that you mention are mostly mandatory (eg. utilities), so it’s reasonable to assume that if you don’t have any such bills sent to collection, that you got those bills and paid them on time for all of your adult life. |
|
| | Many places will report a debt to collections but not also send in data that you’ve been making regular payments. |
|
| | There is nothing stopping a company from offering credit using this strategy. They don’t have to source their credit rating from an existing credit agency. Why would someone want to give credit this way, though? If the rating is provided by a company that is paid by the person requesting credit, why would the company giving credit trust it? |
|
| | And there’s also a middle ground where you could subscribe to a credit agency and own the data which you could have them supply to a potential lender. |
|
|
| | There was a very cool exhibit at the Baker Library at Harvard way back from the archives of Dun an Bradstreet that showed their 19th century version of a credit check product. It was basically just freeform notes about businesspeople like, “Joe is said to be a man of high moral virtue, though it is said that he is often delayed by family matters,” or whatever. Super interesting! https://library.harvard.edu/collections/rg-dun-company-credi… |
|
| | > Seriously though, how did credit scores come about Consumer demand. If given the choice between a lower rate loan that utilized people’s centrally collected credit history or a higher rate loan that didn’t rely on any centralized organization, the vast majority of people would take the lower rate loan with a credit score. It wouldn’t even be close. The bottom line is that centralized credit reporting is necessary to achieve the lowest rates. The threat of a reduced credit score is necessary to get a lot of people to pay back loans. |
|
| | Those solicitations I get in the mail to join class action suits always seem phishy to me, and I usually just throw them away. “There’s a class action suit against a company you bought capacitors from 9 years ago! Give us your personal information and you may be entitled to a payout!” Uhh… no thanks, that’s exactly what a scammer would say. How do people determine which ones are real, and what makes you decide to sign up? |
|
| | I search for the settlement and verify that there’s a real chain of news stories around it. Best to date was the Apple small developer settlement that paid out $8k. Previous was the Google/Apple non-compete settlement. I’ve never bothered with the consumer-focused ones. There are always so many class members you’re lucky to get a couple bucks – as in the OP’s case. |
|
| | But wouldn’t a scammer try to use plausible, real class action lawsuits to scam people? Or would a scammer use obviously fake class action lawsuits in order to filter for the stupidest people possible? Depends on how many people fall for the scam I guess. |
|
| | Facebook had to pay me $300. Waiting on similar from Google. Illinois’ Biometric Information Privacy Act has real teeth, and if you see a tech company claiming they want federal privacy legislation, it’s very likely with the goal of weaker federal laws which preempt BIPA. |
|
| | Are you scared of them coming after you for a non-disclosure / non-disparagement clause? Someone who isn’t me had a few of these because of breaches from other companies but can’t really talk about them. |
|
|
|
| | >> How do people determine which ones are real You can in principle look up the case numbers that should be present in the court documents explaining the settlement. Alternatively you can look it up in a public database such as [1], (also a good way to find suits you qualify for, if you so desire). [1] https://www.consumer-action.org/lawsuits |
|
| | it’s also weird because this seems like the universal style of class action lawsuits? why are they so poorly formatted in such a consistently bad way? some legal tradition? |
|
| | Meanwhile a share of Equifax stock is $198.31. It strikes me that data breaches might decrease in frequency if injured parties could choose whether to be compensated in cash or stock. If their negligence caused you to get pwned, you should get to pwn them in turn. Former Equifax CEO Richard Smith resigned rather than being fired, and got to leave with a $90 million severance package including $18 million of pension, although the breach is estimated to have cost the firm $700 million. He still sits on the board of Docusign. |
|
| | This makes no sense. Paying in stock works by either issuing new shares and diluting existing shareholders or buying the shares to give out. Either way, it’s a wash between getting stock and getting cash. If you want to see them impact, look at what shares prices do the day a breach is announced and the day it settles. The impact was priced-in long before, and shareholders already felt it. |
|
| | I like the idea of a Chief Liability (or Lamb…) Officer, a person who serves with the understanding that they’ll be the person who serves prison time for the felonious crimes of the corporation “I’d sign that purchase order, Bill, but our CLO is literally holding a gun to my head and sobbing saying it’s better this way” |
|
| | Why should all the other C-levels avoid jailtime for crimes committed by the corporation they’re responsible for by just having a literal official patsy? That seems like such a blatant way to put C-levels above the law for real instead of the defacto way they seem to be right now. |
|
| | (Hey, friend. I meant this as a lighthearted take. I have no power to write this into law) I don’t think at all anyone should do this cheaply haha. And imagine if the CLO told the board the other C-suite were squirreling secrets away. And individuals can always be indicted for fraud |
|
| | > Why should all the other C-levels avoid jailtime I don’t care if the C-levels (other than the CEO and President of the board) go to prison.
I want to see the CEO and ALL board members in prison for life with no possibility of parole. |
|
| | Oh of course if the CLO runs out of statistical life another would be appointed by the board only from the existing C-suite, even if the board is part court-appointed… |
|
|
| | That or the desperate. Seems like there are a lot of people who’d be willing to risk spending a year or two at a company with a very high salary even if there was a chance that in that year they might end up in some minimum security prison |
|
|
| | They already actually have that it is called the CISO or Chief Intentional Sacrificial Officer, sometime misinterpreted as Chief Information Security Officer. |
|
|
| | We got just the man, Barney Stinson. His job title will be PLEASE. Provide Legal Exculpation and Sign Everything. |
|
|
|
|
| | It looks about right. I’ve yet to see a class action suit where the individuals get any substantial money. I’ve heard of one where the settlement involved coupons for the product rather than cash. |
|
| | Keep in mind that class actions necessarily exist as a middle-ground mechanism. If the harm to each person were large enough, they would pursue individual claims. But in many cases, it is not worth people’s time to pursue individual claims because the damage is relatively minor. A little bit of harm spread over a large enough population, however, becomes a large amount of harm in the aggregate, so class actions are a mechanism for holding companies accountable in those situations. So you would not expect individual members of the class to be getting huge payouts. But you expect that the company is held accountable for the aggregate harm in a way that, if not for class actions, they would likely never be held accountable for. |
|
| | I would argue they have the opposite effect: They allow businesses a way to write off a crime with a minimal payout to some subset the harmed individuals, in exchange for the ability to be completely absolved of future lawsuits by people who were unaware at the time. |
|
|
| | I have a high school buddy that is a big class action lawyer. When he posts about winning a big case I’m always holding back from commenting asking how much he got paid vs the folks that were actually harmed. |
|
| | On one hand, yes, it’s a shame that the victims rarely get anything. On the other hand, anyone is allowed to opt out and sue on their own if they want to. The problem is that very few will because it’s not worth your time or money to sue someone for, say, $1000. As someone who wasn’t going to take Equifax to court, I prefer an outcome where some lawyer gets rich, I get $5, and Equifax gets a $500 million dollar fine plus a commitment to spend $1 billion on overhauling their security. The alternative was Equifax getting away with a few small-scale lawsuits that would have had total payouts in the low millions. In a more just world, Equifax would go out of business and the assets would be divided among the affected parties. The fact that that won’t happen isn’t your buddy’s fault. At the end of the day, sure, he gets high fees, but if the lawyers in the equifax case were to distribute their fees to victims, maybe I would have gotten $6 instead of $5? My point is, I’m mad at Equifax a lot more so than your buddy. |
|
| | Maybe you can bring it up in a way that appears guileless rather than accusatory? “Nice job dude! I bet you really helped out the victims — how much did you get them?” |
|
| | He would reply with big numbers: $100, $500 million, and so on. They don’t really communicate publicly in terms of the payout per capita although they do negotiate hard to increase the per capita payout (otherwise the total would be small.) |
|
| | It’s typically 30% of the settlement, and that’s why CA litigators are the rockstars of the legal world. |
|
| | All of the class actions where I’ve gotten back $5 or whatever have a document listing how the money is spent. Usually at least a third of it goes to the lawyers. |
|
| | Right, so in such a case, if the lawyers decided to work for free and give ALL the money to the class members, you’d get back a whopping $7.50 instead of $5.00. Really, these cases are mostly a way for lawyers to make money, because on a person-by-person basis there’s just not enough money to be made in pursuing legal action, but with millions of class members, the aggregate amount is pretty high, and 20 or 33% of that for the lawyers ends up being a nice paycheck. |
|
|
| | I was recently in a settlement for something like $4 and looked into it. My take is basically that in many class action suits there’s limited proof of wrongdoing. So it might not make it to court, and if it did make it to court it might be thrown out. Companies pay out since they aren’t sure either, but not for the full amount. The lawyers are investing in a suit with unstable ground. Because it’s so wishy-washy there just isn’t much money in it, and in consequence the payouts are limited. So I’m not sure there’s a better way to do it. I do wish the lawyers were more upfront about the above in their messaging to class members (like, “we don’t have enough definite evidence to get a conviction, but enough that it’s risky for the company, so we can settle for a lower amount”) as well as how much it will actually mean per individual, what consequences are likely for the company if the suit succeeds, etc. Not a lawyer (obviously) so if anyone has better info I’d be interested. |
|
| | My guess is that very sentence would be used as evidence in court – “see, even they don’t think they have enough to win!” Leverage in court, so it’d be used to lessen payouts. |
|
|
| | Apple Keyboard Settlement is targeting $300+ for people who had multiple repairs (free repairs) on their keyboards. |
|
| | IIRC, there’s three different tiers on this settlement, most fall within Tiers 1 ($50) and 2 ($150) and fewer will get the $250-300. |
|
| | It’s usually only 1 year of identity theft monitoring from some cheap under-equipped company to actually do anything about it! |
|
|
|
|
| | PayPal finally has a purpose… receiving all these settlements. Plaid’s recent settlement was a decent $35 which is about what it costs to get a new drivers license ¯_(ツ)_/¯ |
|
| | I also received my payout via PayPal but did not receive a notification so it sat in my account for several weeks. Was this intentional? I typically always receive notification when money hits my PP account… |
|
| | I received an alert, so it may not be intentional that you didn’t see anything (or an accident that I did). Paid for 1.25 months of GitHub since I don’t tend to use PayPal for much else. |
|
| | Interesting – yeah I just happened to log in to my account and see it there, I basically only use PP for receiving settlement checks at this point 🙂 |
|
| | I didn’t get any notification for the plaid payout, probably an exclusive service for the courthouse clients to keep the payout out of the news cycle? |
|
| | Risk management lawyers earned their millions, it seems. Hard to stay optimistic when nobody is holding big players accountable for hurting people. |
|
| | I didn’t get around to it, but with one of the class action suits over a breach, I wanted to object to the settlement because it mostly made the lawyers money, and, judging by how many breaches keep happening, doesn’t provide enough incentive for companies to take security seriously. If more people objected to settlements, judges might pay more attention. |
|
| | $5.21 should be enough to buy a new identity on the darkweb and rotate to it. For maximal security you should make sure to rotate your identity every 18 months. |
|
| | I got an email that says I could collect my 5 bucks, but it and the website it links to look incredibly shady and despite seemingly confirming their legitimacy with a bit of googling there’s no way I’m giving them any information for 5 bucks. |
|
| | When I got my credit report, I found that Equifax had recorded the previous selling price for my house. That… really makes me uncomfortable, and you have to ask the obvious: will lenders use the value of my house to decide if I’m credit-worthy? |
|
| | Transunion, Equifax, etc all have their own proprietary scoring algorithm which could already be using this data to compute your score. I used to work at one of these places – any bit of data they can use to enhance their score, they will try. |
|
|
| | You were allowed to bill for time you spent trying to repair Equifax’s damage. I spent 4-6 hours trying to verify all my various private banking details were still safe, so Equifax was happy to pay me for what they thought my time was worth (so I received like $19 instead of $5 lmao). |
|
| | I got about 3x what the OP got, but less than this. The payout schedule is probably published somewhere or at least as part of the settlement agreement. |
|
|
|
|
| | If our government wasn’t a corrupt shit show they would have been shut down over what they did, or at least their ability to manage the general public’s data. $5 what an insult. |
|
| | Mine got sent to an ancient address, and as far as I can tell there’s no way to update the address or have them resend it. Oh well… |
|
|
| | An email was sent in October asking if you would like a Paypal transfer or e-gift card instead of a check. |
|
| | Wouldn’t it make more sense for these payouts to be consolidated and donated to a non-profit (humanitarian) org? Considering the overhead of processing all these “micro” payments. Assuming most people got few dollars payout. Or at least give people the option to opt out of the payout. |
|
|
|
|
| | Usually the lawyers make most of the money. My favorite is that in church sexual abuse scandals the victims see close to no money, but the lawyers always get paid. |
|
|
|
|
|
|
|
