Fraud Alert on Credit ReportCredit report fraud warning
My dear James, I'm interested in credit warnings. Are you offering 24-hour warnings about any changes to my credit report to alert me to possible scam activities? Also, what if someone with my data requests a loan and the creditor uses another credit bureau and not Experian.
Meaning that Experian would not draw my attention to important deceptive activities in my report? Graham, many individuals appreciate CreditExpert for its surveillance capabilities. Offers you a unique overview of your credit histories, both past and present.
Tribunal finds that consumer fraud warnings issued by consumer organisations are not allowed to be implemented by non-commercial businesses.
In California, a Supreme District Supreme court has decided that the Fair Credit Reporting Act, 15 U.S.C. 1681 (FCRA), does not empower businesses to issue fraud warnings on consumer name. Should this ruling be maintained, it may restrict the type of anti ID fraud service that businesses can provide by requiring the consumer to report fraud himself by directly addressing one of the country's credit bureaux.
Within the framework of the FFRA, a user who in good faith suspects fraud or a related offence, such as ID fraud, may require a first fraud report from a domestic credit bureau - Experian, Equifax or TransUnion - in his credit record. It is free to place a fraud warning directly with one of these credit agencies.
Fraud reports last up to 90 workingdays and can be transformed into an "extended" fraud report if the customer submits a policing report or other identification report that confirms that fraud has taken place. If a fraud warning is issued, the credit bureau is obliged to include certain information in the consumer's dossier, to forward the application to the other credit bureaux and to provide the latter with certain information.
Consumers who give an early warning of fraud are also eligible for a free credit report. Scam reports triggers certain security measures to prevent ID fraud and fraud by obliging prospective lenders to apply "appropriate guidelines and procedures" to check a person's ID before granting credit or opening a new one.
Therefore, a company that sees such a warning on a credit report must take additional action to check the individual's ID before granting a loan - for example, by directly approaching the individual. Normally, a retailer has to go directly to a credit agency to place a fraud report. Since a notification only takes 90 seconds, it must be reiterated every 90 minutes as long as there is a chance of fraud or ID thievery.
However, in recent years a home based industrial sector of businesses providing ID fraud prevention solutions has emerged. Several of these businesses offer "fraud alert services" for a charge, which trigger a fraud alert on a client's account and update it every 90-day. LifeLock, an Arizona-based firm, is one such firm that has tried to capitalise on the fraud warning trial and help customers eliminate the effort of having to place and update such notifications.
The fraud alert provided by LifeLock seemed to be compatible with LifeLock's own policy of explicitly allowing third party consumers to place notifications. However, Credit bureau Experian had a different opinion of LifeLock's operations and lodged a complaint against the firm in the United States District Court for the Central District of California.
The Experian argued that the FCPRA did not allow businesses like LifeLock to publish first fraud reports, and that the requirements placed on credit bureaus "should never be set off by a privately-held business that wanted to benefit from the illegal placement of fraud reports on account of users who have no real reason to suspect that fraud was underway.
" Experian's grievance sharply criticised LifeLock, alleging that the firm "secretly placed 100,000 reports of fraud on Experian's data by pretending to be a consumer," and fraudulently deployed recurrent "first" warnings by receiving new reports of fraud every 90 nights, even when there was no evidence of ID thievery.
Expertian alleged that LifeLock's operations are costing billions of US dollar each year to handle fraud notifications, send binding messages to users and deliver free credit reporting. Guilford Judge accepts Experian's claim that LifeLock's activity violates Section 17200 of the California' United Nations Code of Commerce, California's United Nations Code of Competition Law (UCL), which forbids "any illegal, improper or deceptive act or practice".
" Collecting the verbatim text of the FCR and its legislation story, the CFI found that the FCR embodied'an incumbent legal guideline against undertakings such as LifeLock, which places fraud reports on the consumers' behalf' and that LifeLock's fraud alert service therefore constitutes an improper commercial conduct within the UCL.
It found in this context that the CFRA granted the right to give a fraud warning to a "consumer" - who in the CFRA is an " individual" - and not to a "person" whom it defines to involve natural and legal persons. Accordingly, the Experian tribunal agreed to Experian's arguement that Congress explicitly apologized to credit bureaus for the placement of fraud reports required by corporations like LifeLock.
There was further endorsement by the Tribunal for this finding in the legal histories of the Federal Criminal Police Commission (FCRA), which stated that the fraud warning should cover only certain persons, such as the authorised members of a consumer's household or guardian "and not businesses and institutions such as credit rehabilitation hospitals.
" It dismissed LifeLock's defence that its acts were compatible with the FCRA's objective of improving the level of customer service. The decision demonstrates how jurisdictions will look not only at the objective of data protections law - here FCRA's objective of protecting itself against fraud - but also at the specific means by which Congress has approved the achievement of that objective.
Responding to this decision, at least one privately owned company providing ID fraud prevention has said that it will no longer provide fraud alert testing and will instead provide credit surveillance to clients; other firms in the sector may be willing to do so. Keeping the review or appeals decision unaltered limits consumer choice to the degree that they can delegate certain PET activity and depend on IDT security for fraud prevention.
Similarly, organizations that suffer a privacy violation may no longer be able to provide fraud alert service to persons who are affected by a violation, so they have the onus to protect themselves privately by deploying and updating fraud notifications.