Here’s a Better Identity Theft Idea for Elizabeth Warren

Jaap Arriens/NurPhoto via ZUMA

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

Hannah Levintova reports that Elizabeth Warren has introduced legislation in response to the Equifax hack:

The bill, titled the Freedom from Equifax Exploitation (FREE) Act, would require credit reporting agencies to offer customers free options to impose or lift a “credit freeze” that stops the sharing and selling of personal credit information to third parties. Currently, there is no federal rule requiring that credit reporting agencies offer any sort of freeze option, and agencies that do, charge between $2-$10 each time a freeze is imposed or lifted.

….The bill—also sponsored by Sen. Brian Schatz (D-Hawaii)—would also offer consumers better fraud alert protections in the wake of the breach, requiring credit reporting agencies to offer up to seven years of renewable fraud alert protections.

As happy as I am to see Warren responding to this—even if there’s precious little chance of Republicans offering their support—I’m surprised that her bill is so weak. It should be stronger and less complicated.

A “credit freeze” is a simple thing: it means that if you apply for credit and someone asks for a credit report, Equifax¹ has to contact you first to make sure that it was really you who applied for credit. That’s it. This should be the default. No hassles, no loopholes. Your personal financial information never gets shared with anyone else until you give explicit permission.

In some cases this would delay getting credit. But these days, it would be a minor imposition for most people. Think about what happens when you forget a password and have to change it. You get an email or a text within seconds and then you click a Confirm button. Done. It could work the same way for credit. There should be a single central clearinghouse that links Social Security numbers with email addresses and phone numbers, and credit reporting agencies would all use that clearinghouse to contact credit applicants for confirmation.

Note that this would be kept entirely separate from the credit report itself. This means that if a hacker does somehow get hold of your credit report, they still don’t know your email address or phone number, so they can’t use the information in the report to go on a credit application spree.

Is this perfect? No, but nothing is perfect. It means you have to keep your contact information up to date if it changes. If you forget, it could result in a long delay getting credit approved. And what if you don’t have email or a smartphone? Then the credit reporting agency would have to contact you via phone, or maybe even postal mail. If that’s too much of a hassle for you, you could apply to have your account permanently accessible to anyone who wants to see it—i.e., permanently unfrozen. Needless to say, if you did that you’d be responsible for any credit hacking or identity theft.

These days, a simple text/email confirmation would be easy for 95+ percent of us, with that number increasing every year. It’s a better solution than Warren’s.

Could more be done? Probably. If the credit reporting agencies were made statutorily responsible for identity theft, I’ll bet they’d think of a few more ideas. So how about it, Senator Warren? Why not a bill that requires identity confirmation in all cases and makes credit reporting agencies responsible for identity theft? It’s simple, easy, and effective. It would make the credit reporting agencies unhappy, and it would drive up their costs, but I think I can live with that.

¹And TransUnion and Experian and anyone else who sells credit reports.

DONALD TRUMP & DEMOCRACY

Mother Jones was founded to do journalism differently. We stand for justice and democracy. We reject false equivalence. We go after stories others don’t. We’re a nonprofit newsroom, because the kind of truth-telling investigations we do doesn’t happen under corporate ownership.

And we need your support like never before, to fight back against the existential threats American democracy faces. Fundraising for nonprofit media is always a challenge, and we need all hands on deck right now. We have no cushion; we leave it all on the field.

It’s reader support that enables Mother Jones to report the facts that are too difficult, expensive, or inconvenient for other news outlets to uncover. Please help with a donation today if you can—even a few bucks will make a real difference. A monthly gift would be incredible.

payment methods

DONALD TRUMP & DEMOCRACY

Mother Jones was founded to do journalism differently. We stand for justice and democracy. We reject false equivalence. We go after stories others don’t. We’re a nonprofit newsroom, because the kind of truth-telling investigations we do doesn’t happen under corporate ownership.

And we need your support like never before, to fight back against the existential threats American democracy faces. Fundraising for nonprofit media is always a challenge, and we need all hands on deck right now. We have no cushion; we leave it all on the field.

It’s reader support that enables Mother Jones to report the facts that are too difficult, expensive, or inconvenient for other news outlets to uncover. Please help with a donation today if you can—even a few bucks will make a real difference. A monthly gift would be incredible.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate