People are insisting that enrolling in Equifax monitoring if you are affected by the company data breach takes away your right to sue. The truth is more nuanced.
As did many Americans, I went to equifaxsecurity2017.com to see if my personal information was compromised in the company’s massive data breach that exposed millions of Americans’ credit information to cyberhackers.
The web site told me it does not appear my information was part of the breach.
Sigh of relief. Millions will not be so lucky.
If my information had been part of the stolen data, I can sign up for free credit monitoring through Equifax’s TrustedID, a service that usually costs you a hefty fee.
But soon a story began circulating that, should you choose to sign up for TrustedID, you were also signing away your legal rights to sue the company over the data breach and would instead have to avail yourself of forced arbitration with the company.
The clause in the terms you agree to when you sign up for TrustedID at any time as a paying or free customer says this:
This arbitration will be conducted as an individual arbitration. Neither You nor We consent or agree to any arbitration on a class or representative basis, and the arbitrator shall have no authority to proceed with arbitration on a class or representative basis. No arbitration will be consolidated with any other arbitration proceeding without the consent of all parties. This class action waiver provision applies to and includes any Claims made and remedies sought as part of any class action, private attorney general action, or other representative action. By consenting to submit Your Claims to arbitration, You will be forfeiting Your right to bring or participate in any class action (whether as a named plaintiff or a class member) or to share in any class action awards, including class claims where a class has not yet been certified, even if the facts and circumstances upon which the Claims are based already occurred or existed.
That seems to me as if it might force you into arbitration over any potential damage done to you by the data breach, instead of you retaining the legal right to insert yourself into any single or class-action lawsuit which might arise over the incident.
The language also seemed fuzzy enough for New York State Attorney General Eric Schneiderman to get involved in discussions with company officials over the clause.
After those talks, Equifax added this to their web site:
So the forced arbitration clause does apply to anyone who signs up for TrustedID at any time, and it does indeed require you to choose forced arbitration over lawsuits against that service EXCEPT for the data breach incident in this week’s headlines
This incident speaks to one important issue: Absent any meaningful leadership on the national level on these consumer financial issues in a Congress (Democrats and Republicans) that is mostly in the pockets of Wall Street, certain state attorneys general continue to be the watchdogs that protect millions of us from the worst abuses of industry.
If you want to know more about the issues of arbitration (which can be a good thing) and forced arbitration clauses (which can be bad things) read this excellent information from the National Association of Consumer Advocates.