Hacker News new | ask | show | jobs
by MichaelApproved 2858 days ago
In the US? No time soon.

The party in power is cutting regulations, not adding them. The customer has to watch their own back.

It seems simple. The free market will kill incompetent companies, right? Customers see data breaches and stop doing business with them.

Sounds good in theory but realistically, customers don't have time to do the research required for a completely free market to self regulate.
7 comments
FilterSweep 2858 days ago
It has less to do with research, even.

Equifax, like many Fortune-N companies, has a heavily funded sales and PR team working actively against your individual research.

Should you, as an individual, apply to a company or attempt to buy a product that has been “sold” the Equifax product suite, you’re still beholden to Equifax services(or leave without the job or house).

You’re effectively stuck, unless you have the resources(time/money) to look for employers or products that stay away from Equifax.

link
InitialLastName 2858 days ago
> Should you, as an individual, apply to a company or attempt to buy a product that has been “sold” the Equifax product suite, you’re still beholden to Equifax services(or leave without the job or house).

Worse, there's pretty much no way to tell to which companies and products this applies.

This isn't some fast food restaurant poisoning its customers. None of Equifax's "customers" got screwed by their data leak, only the targets of their "product" caught the ramifications.

link
pietroglyph 2858 days ago
The best part about the Equifax breach is that the people whose data was released weren't even the customers. Pretty hard to stop doing business if there wasn't any in the first place.
link
emodendroket 2858 days ago
It's not clear how I, an individual consumer, even choose to avoid doing business with Equifax.
link
dv_dt 2858 days ago
Don't do business with them is a bogus missive, but you could lock your credit with all the agencies and only unlock the agencies you care to do business with when requested. But that often makes things difficult and not all users of that data will have an account with an alternative provider. (nor is the locked access the only product for which your data is offered...)
link
bluGill 2858 days ago
You could make sure you put on all loan applications that they will not check Equifax. Probably they won't even know how to handle that though and will either reject you, or ignore it.
link
neffy 2858 days ago
And in practice, we also don´t have completely free markets, and even if we did, it´s highly unlikely that they would function the way current economic theory believes that they would.
link
r00fus 2858 days ago
The party in power is notorious for hypocrisy. Are no-bid contracts "free market"?
link
monksy 2858 days ago
> parties in power

We haven't had a lot of politicians that have been pro-human/worker/consumer rights in a while. We got a consumer regulatory agency. But when did you see them push back against actual troublemakers.

link
MichaelApproved 2858 days ago
> parties in power

Sounds like the usual "both parties are the same" nonsense.

I saw them push back all the time. They recovered billions for consumers.

The success of the agency is written about in many publications. Read up on it before putting it down.

One party enacted consumer protections and another party is working to rip it apart. There is a clear difference between the two.

Here's an example article highlighting the success of the agency and the Republican desire to end it http://fortune.com/2017/01/27/donald-trump-cfpb-consumer-pro...

link
givinguflac 2858 days ago
The consumer protection agency in the US was making great strides in pushing back against many bad players, including predatory lenders. Then the republicans gutted and defunded it, ending many investigations and siding with the scum feeding off the poor.
link
komali2 2858 days ago
Classic strategy, by the way. Defund, then point to it and say "see, it doesn't work!"
link
tunap 2858 days ago
And then jump on board? I always knew Timmy was just like Robin Hood... only different.

https://www.cbsnews.com/news/private-equity-firms-are-the-ne...

Note to self: one flavor of Kool Aid is good, the other flavor is bad.

link
ams6110 2858 days ago
We don't need regulations, necessarily. If people have been harmed, they can sue for damages.
link
roganartu 2858 days ago
If we take the Equifax breach as an example here, and every person affected sued for even a very modest amount (say $10) and everyone wins their cases then we come to something like $1.5bn in damages, plus legal costs. Sure, that will probably work in that $10 is a gross underestimate, Equifax's market cap is ~$15bn, and their legal costs defending that many cases would be significant.

However, consider that it is very likely a small minority of those ~150m affected people are actually in a position to spend the time, money, and effort in actually suing and you end up in exactly the position you are now: Equifax doing fine and suffering no penalty for their actions. Class action suits aren't really a better suggestion either because they are typically settled for pennies-on-the-dollar, with the lion's share going to the lawyers anyway.

Suing might make sense where there's a small number of affected people, or where the damages per person are much higher, but when we're talking less than $1,000 damages per person it's really just not worth each individual's time or money to do so. This is _exactly_ the kind of thing regulation is good at protecting against.

link
rndmize 2858 days ago
Things are actually even worse than you describe. There's been constant action to restrict the use of class-action lawsuits and move towards arbitration instead.

https://www.reuters.com/article/us-usa-consumers-arbitration...

https://www.currentaffairs.org/2018/08/this-burrito-includes...

link
emodendroket 2858 days ago
The fact that so many businesses want to kill class-action suits is, to me, a testament to how effective they actually are.
link
emodendroket 2858 days ago
Class-action lawsuits are the best tool we have -- even if the money each individual gets as part of a settlement is a pittance, in aggregate they do give companies at least some disincentive for unethical/illegal conduct.
link
wool_gather 2858 days ago
While I don't disagree that they're effective, I'd say "best" is not true. They're not any more effective than (enforced) regulation. The only difference is where the money ends up -- private sector lawyer pockets or the public coffers. All else being equal, I'd rather the latter.
link
givinguflac 2858 days ago
Yeah that $500 from Equifax will definitely fix broad systemic issues affecting the whole of society. Good call!
link
Buttercode 2858 days ago
Good luck suing Equifax because you couldn't buy a home with a mortgage because Equifax had a record of you having a "low credit score" using data they collected on you that you didn't consent to. The data Equifax collects on you is both damaging and non-consensual.
link
ams6110 2858 days ago
Assuming the data collected are not in error, you mostly did consent to it. Read the fine print of any lease, loan, or other credit agreement. They almost all say they will report payment history (particularly late or non-payment) to credit bureaus.
link
reaperducer 2858 days ago
They almost all say they will report payment history (particularly late or non-payment) to credit bureaus.

If that was the only data reported to credit bureaus, that would be great.

But "reputation data" is increasingly becoming important in this sphere. Are you Facebook friends with people with a low credit score? Do you drive through a dodge neighborhood on the way to work? Do you watch the wrong kinds of movies? Buy liquor? Stream the wrong shows?

It's all up for grabs, and with the "credit score" formulae locked up as trade secrets, there's no way to determine if your mortgage denial was because you were one day late with a cell phone bill, or because you stop at a red light next to a pawn shop enough times that your phone thinks you're a regular customer.

link
astura 2858 days ago
No, just no, this is complete and total nonsense.

FICO publishes exactly what makes up your credit score, straight from the horse's mouth:

https://www.myfico.com/credit-education/whats-in-your-credit...

The FCRA gives you the right to know what is in your file

In addition, the FCRA gives you the following rights (not inclusive):

-You must be told if information in your file has been used against you. Anyone who uses a credit report or another type of consumer report to deny your application for credit, insurance, or employment – or to take another adverse action against you – must tell you, and must give you the name, address, and phone number of the agency that provided the information.

-You have the right to dispute incomplete or inaccurate information

-Consumer reporting agencies must correct or delete inaccurate, incomplete, or unverifiable information.

-Consumer reporting agencies may not report outdated negative information. In most cases, a consumer reporting agency may not report negative information that is more than seven years old, or bankruptcies that are more than 10 years old

https://www.consumer.ftc.gov/articles/pdf-0096-fair-credit-r...

So if you get denied a mortgage, you'll know why, and it certainly won't be because you drive by a pawn shop.

link
astura 2858 days ago
Hacker News be like:

"Speech should be free and unlimited!!!.... Well, unless the topic of the speech is me, then I should be able to control 100% what what other people are saying about me, of course."

How you gonna sue someone for saying things about you that are true? That's not a thing (for good reason). Would you also sue a friend if you borrowed money from them and didn't pay it back and they warned others not to lend to you? Imagine how much a judge would laugh if you showed up to court saying "I didn't get a mortgage because I have a history of not paying my bills, I deserve compensation."

Nonsensical.

That's ignoring the fact that you actually consent to data sharing as a condition of obtaining credit products. And that's a reasonable condition with a business justification.

In the US it's politically infeasible to have any sort of government agency to collect this information, so it falls on the shoulders of private companies.

The data Equifax has on me is the exact opposite of "damaging." Because of data sharing I'm eligible for a broad range of credit products that I have gotten tens of thousands of dollars in value from. On top of that the information they collect about me allows me to pay a very small premium for car and home owner's insurance.

link
wool_gather 2858 days ago
> Hacker News be like: "Speech should be free and unlimited!!!.... Well, unless...

This isn't a real argument unless you can show that the one person you're actually responding to has held both these positions. This is just a forum where a bunch of people opine; it's not a political party with a documented set of beliefs.

link
PurpleBoxDragon 2858 days ago
Would the same apply to laws against assault/battery? If not, why shouldn't they?
link
ams6110 2858 days ago
No. Civil harm is something that can (for the most part) be remedied by payment of damages to the harmed person.

Assult/battery is a physical violent crime that cannot be "undone" with payments.

link
emodendroket 2858 days ago
I don't think the payout in wrongful death or personal injury lawsuits really "undoes" the harm any more than a payout in an assault case would.
link
PurpleBoxDragon 2857 days ago
So we need regulations that prevent physical harm from businesses?
link