Tell HN: I just received my Equifax breach settlement check

 1 year ago
source link: https://news.ycombinator.com/item?id=34240298

I got my $5.21 check too. For those who don't remember, the original settlement for the 2017 data breach was supposed to be $125. But they had "unexpected response" so the final settlement ended up being about 4% of that. It's kind of an insulting payment after Equifax leaked names, Social Security numbers, birth dates, addresses, and some driver's license and credit card numbers.

Info on the original settlement: https://arstechnica.com/tech-policy/2019/07/you-can-go-claim...

Yea, when I read that the claim group had ballooned I changed my ‘compensation’ to be 5 years of their crap service for identity theft monitoring.

I figured that was worth more than $5… though it is debatable.

Good thing you can opt out of your data being collected by Equifax, right.. right?

Seriously though, how did credit scores come about and was there any resistance at all at the time to people's financial information being collected en masse by private companies?

How else would you do risk management for loans? Without credit bureau where would the loan originator determine the risk of the loan? Would each individual have to store all payments and receipt of payment and submit that? Or do we just blend the risk with everyone so if you always paid your loans on time, you pay the same rate as someone who has a loan write off and is 3 months behind in loan payments?
Here's how they do it in Belgium: https://finance.yahoo.com/news/belgium-deals-credit-without-....

They have a public credit bureau hosted by the national bank that records all the loans and credit. The data is not for sale to just about any company that is willing to pay for it, the individual has to give permission to share it when they apply for a loan. There isn't such bullshit as in the US where you practically have to push your student to get a credit card "to start building up a credit score."

The system works well enough that there's hardly any debate about it.

>They have a public credit bureau hosted by the national bank that records all the loans and credit.

So basically the same as credit bureaus in the US, but it's a government monopoly? Given how well other government agencies work at least in the US (eg. DMV), I'm skeptical that waving a "government" wand would magically fix stuff.

>The data is not for sale to just about any company that is willing to pay for it, the individual has to give permission to share it when they apply for a loan

AFAIK that's also the case in the US. When you open a bank account/apply for a credit card, somewhere buried in the terms and conditions is a consent for a credit check.

>There isn't such bullshit as in the US where you practically have to push your student to get a credit card "to start building up a credit score."

In the US at least, the reason why it's commonly advised for students (and other young adults) to "build credit" is to build up a history of credit usage and repayments. I don't see why the same dynamic wouldn't exist in Belgium. Your own linked article says "Later, it added positive marks as well, allowing “no credit” and “good credit” to be distinguished", which suggests the same dynamic would exist in Belgium.

That system would be called "big government" in USA.
Well for starters you could voluntarily submit your repayment history to one of a pool of competitive good-for-the-money record keepers, rather than it being involuntarily hoovered up by a state sponsored oligopoly.
That’s basically what you have now - every single reporting agency somewhere in the giant ball of terms and condos states that they’ll report on you to credit burros.

You can avoid it by avoiding any of those accounts. Whether that is possible practically is another question.

> Whether that is possible practically is another question.

Well it's sort of the key question though right?

The incentives of the credit reporting agencies are fundamentally unbalanced because the average consumer has no meaningful input into their behavior.

If I could practically avoid having my information sent to bad actors they would be incentivized to treat my data with care.

This is an example of where good government regulation can be introduced (giving consumers the option to opt out) rather than what I would consider bad government regulation (trying to specify how the companies should behave directly).

I believe in the free market but I also understand that there are cases where incentives are incorrectly balanced and we need a neutral party to make sure all incentives are properly accounted for.

>If I could practically avoid having my information sent to bad actors they would be incentivized to treat my data with care.

who are the "bad actors" in this case? Equifax? Whoever equifax sold the information to? Whoever equifax got the information from?

>This is an example of where good government regulation can be introduced (giving consumers the option to opt out) rather than what I would consider bad government regulation (trying to specify how the companies should behave directly).

As the parent poster has mentioned, you can already "opt out" by not getting a loan. I agree that it'd be nice if some government regulation allowed you to have your cake (ie. get loans) and eat it too (not have it reported), but there are two obvious problems:

1. One man's "private information" is another man's free speech. Why should a company be prevented from making true statements about its business dealings with you? You can leave nasty yelp reviews for businesses that have behaved inappropriately. Why shouldn't businesses be able to leave nasty credit reviews for individuals that failed to make payments?

2. On a more practical level, opting out might put you in a high risk pool. Part of the enforcement mechanism for repaying loans is that if you don't, your credit gets wrecked and your life becomes harder. If you opted out of credit reporting, that's one enforcement mechanism that a lender wouldn't have, and therefore will adjust accordingly. Going back to the yelp analogy, imagine if yelp allowed businesses to opt out of reviews. Would you want to go to such a business, all else being equal?

> The incentives of the credit reporting agencies are fundamentally unbalanced because the average consumer has no meaningful input into their behavior.

How so? The lenders are obligated to submit truthful data, and under FCRA you can dispute fraud and incorrect data. And the FICO/Vantage scoring system can be computed from the data, they don't just spit out a hidden number generated by some ML model.

>And the FICO/Vantage scoring system can be computed from the data, they don't just spit out a hidden number generated by some ML model.

AFAIK those models aren't public. If you search around you'd find some vague factors and approximate weights, but nowhere near enough data to reproduce the scores yourself. For the typical consumer and company, they're a black box just like a ML model.

"Credit rating agencies" =/= "Credit bureau".

If you read your own link, you'd discover that the former refers to companies like "Moody's Investors Service, Standard & Poor's, and Fitch Ratings". Needless to say, those are separate entities from credit bureaus, which are companies like equifax, transunion, and experian.

This is what's called a 'contract of adhesion.' If no part of it is negotiable, I don't think one party should be able to just endlessly add terms for their own convenience.
One novel method that auto insurers have been experimenting with is voluntarily reporting data that can only help, not hurt. So, for instance, if you install their monitoring device in your vehicle and it shows that you don't drive in risky ways, you qualify for a discount. If you choose not to volunteer this data, or the data shows that you're a risky driver, you pay the base rate.

Now, is that really "volunteering" the data, or do you end up in roughly the same position as with the credit bureaus, where you need to turn over lots of personal information to get reasonable rates? I think reasonable people can disagree about that.

Careful. What seems to really happen is they jack the base rate up a bit, and their threshold for safe driving is “never speed, at all, or use more than 10% throttle or 25% brake”
This works for things like car insurance because most people aren’t driving secretly insured cars they don’t tell other insurers about, and because many of the factors determining your car insurance rate are cited by the state. It could work for loans too, but it’d require creating a state agency which… well, I decided not to post that surely unpopular opinion.
Someone else's on-time mortgage payments were reported on my credit score for years after I turned 18. I ended up with amazing credit for it.

These companies can't even keep track of what they're purportedly supposed to keep track of, why should they continue to exist as they do today?

I’ve had a few lucky mistakes in my credit favor, but nothing like that! It shouldn’t be surprising that you take such a principled position in light of that, but it is. Good show.
I figure it could have just as easily been a mistake that wasn't in my favor that I'd have to spend years sorting out to my detriment.
> How else would you do risk management for loans?

Government-run credit-bureau, like Thailand's National Credit Bureau (NCB), that isn't trying to make a buck. Bank of Thailand (who are behind NCB) is also responsible for Prompt Pay, which is a most-excellent and ubiquitous QR-code and cell-number based instant payment system.

American retail banking appears to have been screwed hard by "leaving it to the markets", where government intervention and threats have given us Faster Payments (UK), SEPA Instant (EU), Prompt Pay (TH) etc

>American retail banking appears to have been screwed hard by "leaving it to the markets", where government intervention and threats have given us Faster Payments (UK), SEPA Instant (EU), Prompt Pay (TH) etc

Looking at this comparison table[1], it seems like the options in the US (Zelle and RTP) arrived in similar timeframes to RT1 in the EU?

[1] https://en.wikipedia.org/wiki/Instant_payment

To add, the quick payment interface of India, UPI. Unified Payment Interface. Central Bank defined the rules. Every bank follows it. Money still gets settled as regular behind the scenes, but on the front end, the customer sees money moving instantly, no fees. Money moves between super verified accounts or customers only.
you _could_ do it Plaid-style, where you consent to share your history (either raw transactions and liabilities to run through a model, or a pre-calculated score) with a potential creditor. That would solve the formal consent problem. But the essence of it is the same: unfortunately, you have to furnish your verified history to every creditor rando if you want their money.
Also, they can't really verify what you give them. Income verification is already "hopefully they aren't lying" for low-risk credit cards and "we have to call their employer to verify this income" for high-risk loans like housing loans. Verifying this amongst dozens of auto loan departments and credit card operations, likely with different hours of operation, would be extremely labor intensive which is why everyone gets to pull applicant credit history from a central database to determine creditworthiness if they also contribute to that database.
I like the current model of risk management, but the problem is that if a bank is defrauded by someone pretending to be you, you’re on the hook. That is, the credit bureau doesn’t do a good enough job verifying identity.
And it's completely ridiculous that that isn't entirely the bank's problem and you should be able to sue the credit agency for libel.
It’s because they call it identity theft. It’s not the bank getting defrauded but you having your identity stolen.

Someone steals $1000 from a bank, they come to you and say hi he said his name was kmonsen so we would like to get the money back from you.

You’d have loans that tie back to physical objects that can be repossessed - and the down payments would be large.

And if someone fraudulently defaulted you’d pursue criminal charges.

It’s totally workable but it would cut consumer spending considerably.

You could even still do credit cards - just require them to be backed by the amount in cash.

This is basically how things used to work. The drawback is that young people with no credit can't build credit easily. You'd be disproportionately favoring those familial lineages with assets and losing out on a huge potential customer pool.

With better centralized data it's possible to have something of a win-win where banks get more customers and people can bootstrap their own lending reputation without having the last name "Jones".

Of course there's the tradeoff that you have to trust an institution to be a good steward of that data...

Here's a paper on how they do it in Afghanistan, absent any reliable banking infrastructure. Islamic finance in general is interesting because it rests on different ethical mores from British-style capitalism, perhaps with a view to limiting pure accumulation.

https://www.cambridge.org/core/journals/asian-journal-of-law...

> How else would you do risk management for loans?

Gee, I wish there was a method for two counterparties to record a transaction publicly and pseudo anonymously so that one might be able to display a mathematical proof of satisfactory fulfillment (or not) of an agreement.

<ctrl-f blockch: no results>

Well, that’s just crazy talk

If credit bureaus were only a public record of your debt and payments they would not be such an issue.
> How else would you do risk management for loans? Without credit bureau where would the loan originator determine the risk of the loan? Would each individual have to store all payments and receipt of payment and submit that?

You act like this is ridiculous but the fact of the matter is that I would prefer that, because ultimately the difference agency in this situation I provide the lender my information that I control, in any other scenario my agency has been taken away by an outside group, whom I may or may not trust.

Hell imagine how different everything would be if instead of the Credit Unions working for the lenders I instead paid for a service myself that performed this service for me. The difference being one is done to me the other is done by me.

> You act like this is ridiculous but the fact of the matter is that I would prefer that, because ultimately the difference agency in this situation I provide the lender my information that I control, in any other scenario my agency has been taken away by an outside group, whom I may or may not trust.

This wouldn’t work, because borrowers would only present receipts for credit they repaid on time while withholding information about lines of credit they failed to repay.

The point of credit history is that it exposes your past payments or failure to repay. It’s not an equivalent system if borrowers can just conveniently forget to mention the other loans they didn’t repay

> It’s not an equivalent system if borrowers can just conveniently forget to mention the other loans they didn’t repay

Which is, of course, what we currently have, except it's the businesses who are able to "conveniently forget to mention" instead of the borrowers.

I pay myriad bills on time and in full every month, but only three of them--all loans--report my positive payment history to credit bureaus. Yet all of them, from mobile phone providers to landlords to utilities to insurance companies, insisted on being able to look at that payment history. They get the benefit of being able to evaluate me on an incomplete set of data; why shouldn't I get the return?

(The answer as always is that we don't have any leverage. Simply saying "well, then don't use those companies" is a non-answer when every company does it the same way and all of them lobby government to keep it that way.)

Many places will report a debt to collections but not also send in data that you've been making regular payments.
There is nothing stopping a company from offering credit using this strategy. They don't have to source their credit rating from an existing credit agency.

Why would someone want to give credit this way, though? If the rating is provided by a company that is paid by the person requesting credit, why would the company giving credit trust it?

And there's also a middle ground where you could subscribe to a credit agency and own the data which you could have them supply to a potential lender.
Maybe a premium paid credit agency could be a thing?
There was a very cool exhibit at the Baker Library at Harvard way back from the archives of Dun and Bradstreet that showed their 19th century version of a credit check product. It was basically just freeform notes about businesspeople like, "Joe is said to be a man of high moral virtue, though it is said that he is often delayed by family matters," or whatever. Super interesting!

https://library.harvard.edu/collections/rg-dun-company-credi...

> Seriously though, how did credit scores come about

Consumer demand.

If given the choice between a lower rate loan that utilized people’s centrally collected credit history or a higher rate loan that didn’t rely on any centralized organization, the vast majority of people would take the lower rate loan with a credit score. It wouldn’t even be close.

The bottom line is that centralized credit reporting is necessary to achieve the lowest rates. The threat of a reduced credit score is necessary to get a lot of people to pay back loans.

Those solicitations I get in the mail to join class action suits always seem phishy to me, and I usually just throw them away. "There's a class action suit against a company you bought capacitors from 9 years ago! Give us your personal information and you may be entitled to a payout!" Uhh... no thanks, that's exactly what a scammer would say. How do people determine which ones are real, and what makes you decide to sign up?
I search for the settlement and verify that there’s a real chain of news stories around it.

Best to date was the Apple small developer settlement that paid out $8k. Previous was the Google/Apple non-compete settlement.

I’ve never bothered with the consumer-focused ones. There are always so many class members you’re lucky to get a couple bucks - as in the OP’s case.

But wouldn't a scammer try to use plausible, real class action lawsuits to scam people?

Or would a scammer use obviously fake class action lawsuits in order to filter for the stupidest people possible?

Depends on how many people fall for the scam I guess.

Agreed, they seem like phishes but the best I've received was ~$5K and least was $0.25.
it’s also weird because this seems like the universal style of class action lawsuits? why are they so poorly formatted in such a consistently bad way? some legal tradition?
I like the idea of a Chief Liability (or Lamb…) Officer, a person who serves with the understanding that they’ll be the person who serves prison time for the felonious crimes of the corporation

“I’d sign that purchase order, Bill, but our CLO is literally holding a gun to my head and sobbing saying it’s better this way”

They already actually have that; it is called the CISO, or Chief Intentional Sacrificial Officer, sometimes misinterpreted as Chief Information Security Officer.
Who is the CISO at Equifax who is currently in prison for leaking our data?
We got just the man, Barney Stinson. His job title will be PLEASE. Provide Legal Exculpation and Sign Everything.
Why should all the other C-levels avoid jailtime for crimes committed by the corporation they're responsible for by just having a literal official patsy? That seems like such a blatant way to put C-levels above the law for real instead of the de facto way they seem to be right now.
(Hey, friend. I meant this as a lighthearted take. I have no power to write this into law)

I don’t think at all anyone should do this cheaply haha. And imagine if the CLO told the board the other C-suite were squirreling secrets away. And individuals can always be indicted for fraud

> Why should all the other C-levels avoid jailtime

I don't care if the C-levels (other than the CEO and President of the board) go to prison. I want to see the CEO and ALL board members in prison for life with no possibility of parole.

Oh of course if the CLO runs out of statistical life another would be appointed by the board only from the existing C-suite, even if the board is part court-appointed…
Because nobody would sign the offer letter except psychopaths and idiots.
That or the desperate. Seems like there are a lot of people who'd be willing to risk spending a year or two at a company with a very high salary even if there was a chance that in that year they might end up in some minimum security prison
Yeah we’d just have to legally mandate its existence…
Who is the CEO at Equifax who is currently in prison for leaking our data?
Meanwhile a share of Equifax stock is $198.31. It strikes me that data breaches might decrease in frequency if injured parties could choose whether to be compensated in cash or stock. If their negligence caused you to get pwned, you should get to pwn them in turn.

Former Equifax CEO Richard Smith resigned rather than being fired, and got to leave with a $90 million severance package including $18 million of pension, although the breach is estimated to have cost the firm $700 million. He still sits on the board of Docusign.

It looks about right. I've yet to see a class action suit where the individuals get any substantial money. I've heard of one where the settlement involved coupons for the product rather than cash.
Keep in mind that class actions necessarily exist as a middle-ground mechanism. If the harm to each person were large enough, they would pursue individual claims. But in many cases, it is not worth people's time to pursue individual claims because the damage is relatively minor. A little bit of harm spread over a large enough population, however, becomes a large amount of harm in the aggregate, so class actions are a mechanism for holding companies accountable in those situations. So you would not expect individual members of the class to be getting huge payouts. But you expect that the company is held accountable for the aggregate harm in a way that, if not for class actions, they would likely never be held accountable for.
I got $397.00 from a Facebook biometrics class action settlement in Illinois, out of a $650M settlement. But yes, definitely the exception rather than the rule.

https://www.nbcchicago.com/news/local/heres-a-look-at-all-th...

I was recently in a settlement for something like $4 and looked into it.

My take is basically that in many class action suits there's limited proof of wrongdoing. So it might not make it to court, and if it did make it to court it might be thrown out. Companies pay out since they aren't sure either, but not for the full amount. The lawyers are investing in a suit with unstable ground.

Because it's so wishy-washy there just isn't much money in it, and in consequence the payouts are limited.

So I'm not sure there's a better way to do it. I do wish the lawyers were more upfront about the above in their messaging to class members (like, "we don't have enough definite evidence to get a conviction, but enough that it's risky for the company, so we can settle for a lower amount") as well as how much it will actually mean per individual, what consequences are likely for the company if the suit succeeds, etc.

Not a lawyer (obviously) so if anyone has better info I'd be interested.

I have a high school buddy that is a big class action lawyer. When he posts about winning a big case I’m always holding back from commenting asking how much he got paid vs the folks that were actually harmed.
It's typically 30% of the settlement, and that's why CA litigators are the rockstars of the legal world.
Maybe you can bring it up in a way that appears guileless rather than accusatory? “Nice job dude! I bet you really helped out the victims — how much did you get them?”
He would reply with big numbers: $100, $500 million, and so on. They don’t really communicate publicly in terms of the payout per capita although they do negotiate hard to increase the per capita payout (otherwise the total would be small.)
On one hand, yes, it's a shame that the victims rarely get anything. On the other hand, anyone is allowed to opt out and sue on their own if they want to. The problem is that very few will because it's not worth your time or money to sue someone for, say, $1000. As someone who wasn't going to take Equifax to court, I prefer an outcome where some lawyer gets rich, I get $5, and Equifax gets a $500 million dollar fine plus a commitment to spend $1 billion on overhauling their security. The alternative was Equifax getting away with a few small-scale lawsuits that would have had total payouts in the low millions.

In a more just world, Equifax would go out of business and the assets would be divided among the affected parties. The fact that that won't happen isn't your buddy's fault. At the end of the day, sure, he gets high fees, but if the lawyers in the equifax case were to distribute their fees to victims, maybe I would have gotten $6 instead of $5? My point is, I'm mad at Equifax a lot more so than your buddy.

All of the class actions where I've gotten back $5 or whatever have a document listing how the money is spent. Usually at least a third of it goes to the lawyers.
Right, so in such a case, if the lawyers decided to work for free and give ALL the money to the class members, you'd get back a whopping $7.50 instead of $5.00.

Really, these cases are mostly a way for lawyers to make money, because on a person-by-person basis there's just not enough money to be made in pursuing legal action, but with millions of class members, the aggregate amount is pretty high, and 20 or 33% of that for the lawyers ends up being a nice paycheck.

The court awarded attorney fees of 20% of the overall (minimum) award in this case, which came to about $77 million. This is based off a $380.5 million minimum settlement fund (under certain conditions the fund can go up to $100-something million higher).

source: https://www.equifaxbreachsettlement.com/admin/services/conne...

Apple Keyboard Settlement is targeting $300+ for people who had multiple repairs (free repairs) on their keyboards.
IIRC, there’s three different tiers on this settlement, most fall within Tiers 1 ($50) and 2 ($150) and fewer will get the $250-300.
It’s usually only 1 year of identity theft monitoring from some cheap under-equipped company to actually do anything about it!
I got an email that says I could collect my 5 bucks, but it and the website it links to look incredibly shady and despite seemingly confirming their legitimacy with a bit of googling there’s no way I’m giving them any information for 5 bucks.
PayPal finally has a purpose… receiving all these settlements. Plaid’s recent settlement was a decent $35 which is about what it costs to get a new driver's license ¯\_(ツ)_/¯
I also received my payout via PayPal but did not receive a notification so it sat in my account for several weeks. Was this intentional? I typically always receive notification when money hits my PP account...
I received an alert, so it may not be intentional that you didn't see anything (or an accident that I did). Paid for 1.25 months of GitHub since I don't tend to use PayPal for much else.
Interesting - yeah I just happened to log in to my account and see it there, I basically only use PP for receiving settlement checks at this point :)
Risk management lawyers earned their millions, it seems. Hard to stay optimistic when nobody is holding big players accountable for hurting people.
If our government wasn’t a corrupt shit show they would have been shut down over what they did, or at least their ability to manage the general public’s data. $5 what an insult.
Mine got sent to an ancient address, and as far as I can tell there's no way to update the address or have them resend it.

Oh well...

Just curious: are these actual physical checks, on paper and everything?
Mine was $22.50. Why the difference?
You were allowed to bill for time you spent trying to repair Equifax’s damage. I spent 4-6 hours trying to verify all my various private banking details were still safe, so Equifax was happy to pay me for what they thought my time was worth (so I received like $19 instead of $5 lmao).
I got about 3x what the OP got, but less than this. The payout schedule is probably published somewhere or at least as part of the settlement agreement.
Did you do the default payment or try to itemize?
How did they calculate the value? I got one for $25 and some change
Wouldn’t it make more sense for these payouts to be consolidated and donated to a non-profit (humanitarian) org? Considering the overhead of processing all these “micro” payments. Assuming most people got a few dollars' payout. Or at least give people the option to opt out of the payout.
Usually the lawyers make most of the money.

My favorite is that in church sexual abuse scandals the victims see close to no money, but the lawyers always get paid.

I requested mine but never received it...
You’re rich! Time to buy an island and retire in style
