That should be ex-post-facto of the data breach (i.e. they leaked your data before you agreed to the TOS so you waive your rights to sue from that point forward). I'm not a lawyer and I wouldn't agree to this. I checked and I am affected. I'm going to sign up for LifeLock (because it's super expensive) and file a small claim to recoup the cost.
I'm curious as to wether any lawyers here can chime in on how well this TOS would hold up in court. I know when I went to check I was never shown the TOS or even a checkbox that needed to be checked to confirm that I agreed to the ToS with a link to them. It feels like the ToS are what comes with the ID protection service and were meant to apply only to lawsuits that might arise from using the ID protection service, but IANAL.
Yes, the TOS does require arbitration (including for actions that occurred before signing the TOS), but it's not clear if it applies to just the child company that is providing the credit monitoring service or if it applies to the actions of the parent company, too.
One thing I'm trying to wrestle with is why they would make you agree to arbitration for actions prior to signing TOS if indeed it applies only to the child company. Your relationship with the child company begins when you sign the TOS, no?
I really hope this puts Equifax out of business.