Members of the Senate Commerce Committee challenged Equifax’s chief executive Wednesday about the credit reporting agency’s sweeping data collection and its one-sided relationship with millions of Americans whose personal information it harvests for profit.
Equifax revealed in September that attackers may have compromised the sensitive information of as many as 145 million people. But for many Americans – and for Senators at Wednesday’s hearing – it was unclear why Equifax was storing information about them in the first place.
The hearing into the data breaches – the fifth so far – featured testimony from current and former officials from Equifax, Yahoo and Verizon, and added to the uproar about the company’s policies and its response to the breach.
In one notable exchange, Sen. Catherine Cortez Masto, D-Nev., asked the interim chief executive officer of Equifax, Paulino do Rego Barros, why consumers do not have a say in opting in or out of the company’s data collection.
“This is part of the way the economy works,” Barros said. But he was interrupted. “The consumer doesn’t have a choice, sir. The consumer does not have a choice on the data that you’re collecting,” Masto said.
Her line of questioning echoed other lawmakers who have pushed back against fundamental aspects of Equifax’s business, which have faced widespread scrutiny after the data breach came to light.
After confirming with Barros that it is Equifax, and not consumers, that owns all the granular data collected about them, and that consumers cannot request to exit the company’s files, Sen. Cory Gardner, R-Colo., asked the current Equifax chief if it was right that the company maintains that arrangement. “I think it’s not my perspective to say it’s right or wrong,” Barros said.
When Marissa Mayer, the former chief executive of Yahoo was asked if consumers should own their own data, however, she said, “Yes. I believe that they should.”
Even as Barros said it is up to Equifax to earn the public’s trust, he did not commit to proactively notifying all the consumers who were potentially affected by the breach. “We are actively, actively engaged with consumers to make sure that they use the products that we have today,” Barros said when asked by Sen. Tammy Baldwin, D-Wis., pointing to the company’s Web page, social media and a team dedicated to engaging with consumers.
Barros told the committee that 30 million people have visited Equifax’s website to learn if their information was stolen.
However, Baldwin suggested that was only a fraction of those who might have been affected by the breach. “30 million? Out of 145 million,” Baldwin said.
As in previous congressional hearings, Equifax representatives continued to defend the company’s use of arbitration clauses.
Several senators on the panel said new legislation is needed to prod companies like Equifax and Yahoo to better protect consumer data. Such measures would grant the Federal Trade Commission greater powers to enforce “reasonable” cybersecurity standards and for the agency to impose fines on negligent businesses. The FTC is investigating the Equifax breach.
“If we are going to do anything meaningful we must have the political will to hold these companies accountable,” said Sen. Bill Nelson, D-Fla., the ranking member of the committee. “We can either take action with common sense rules or we can start planning for our next hearing on this issue.”
Send questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.