Claim: The four major U.S. credit bureaus will be allowed to share your private information with anyone who requests it as of 1 July 2003 unless you specifically request them not to.
Example:[Collected on the Internet, 2001]
Just wanted to let everyone know who hasn’t already heard, the four major credit bureaus in the US. will be allowed, starting July 1, to release your credit info, mailing addresses, phone numbers etc. to anyone who requests it. If you would like to ‘opt out’ of this release of info, you can call 1-888-567-8688. It only takes a couple of minutes to do, and you can take care of anyone else in the household while making only one call, you’ll just need to know their social security number. Be sure to listen closely, the first opt out is only for two years, make sure you wait until they prompt you to press ‘3’ on your keypad to opt out for good.
Origins: There is truth in the issue which seems to be uppermost in the minds of most of those who receive this message — that is, whether the phone number provided above is valid for the stated purpose or whether it’s some sort of information-collecting scam. The phone number listed (1-888-5OPTOUT) is indeed legitimate; it is a shared number set up with the cooperation of the Associated Credit Bureaus to establish a single point of contact for consumers to call to request that all four major U.S. credit bureaus (Equifax, Experian, Trans Union, and Novus/Innovis) remove their information from the marketing lists and pre-approved credit offer lists sold to third parties. Yes, they automated system will ask you to enter your phone number, Social Security number, and other personal information, because it needs that information to locate your record. If you are uncomfortable supplying this information to an automated system, you will have to call each of the four major credit bureaus individually and speak to real people at each one of them, a cumbersone and time-consuming ‘
However, it is not true that consumers must call this number before 1 July 2004, nor is it true that recent legislation allows credit bureaus to share private information with “anyone who requests it.” This misinformation has been circulating since 2001, and the same message keeps getting get dusted off and sent around every year with an updated deadline. (In fact, if you call the number listed above, the first option you’re presented is to listen to a message explaining why the e-mail quoted above is false.)
Contrary to the text of the dire warning quoted above, credit bureaus cannot sell your non-public personal information (e.g., Social Security number, employment history, bank account information) to “anyone who requests it.” Under the Fair Credit Reporting Act of 1997, businesses seeking to obtain personal information from credit bureaus must have a “permissible purpose” in order to access credit reports. (Permissible purposes include checking the backgrounds of persons to determine their creditworthiness before selling or renting property to them, extending them loans or credit, or considering them for employment.) This restriction remains in force, it did not change on 1 July 2001, and it still applies whether or not you call the number listed above.
Credit bureaus can, however, create lists containing the names, addresses, and phone numbers of consumers with good credit and sell them to telemarketers and direct-mail marketers. (Names, addresses, and phone numbers are not considered “non-public personal information” because they may be obtained from a variety of publicly-accessible sources, such as phone directories.) Consumers may call the 1-888-5OPTOUT number to request that all four major credit bureaus not include their information on these marketing lists. There is no deadline for this process — consumers may call the number at any time.
What did change back in 2001 was that due to the implementation of the Gramm-Leach-Bliley Act (also known as the Financial Services Modernization Act) the banking, insurance, and securities industries were allowed to operate under the same corporate affiliation. (This act set aside legislation passed during the Depression era, which had created legal barriers to prevent mergers between banks, insurance companies, brokerage firms, and other financial institutions.) Because of consumers’ concerns that new financial conglomerates allowed under this legislation might pool their resources to compile huge databases of sensitive customer information and share them with third parties, Congress added a provision to the act requiring that all financial service companies send privacy notices providing a “reasonable opportunity” for their customers to opt out of this information-sharing by 1 July 2001. (These notices had to provide consumers with details about all the kinds of information the companies collected about them and how they used that information.) The 1 July 2001 deadline applied only to the sending of notification to customers by financial institutions, and it had nothing to do with credit bureaus. Some key points of this “opt-out” process are:
Unlike credit bureaus, financial institutions can share your private information with third parties by default. In order to stop this sharing, you must specifically invoke your “opt-out” privileges to request that they not do it.
Privacy notices had to be sent to customers by 1 July 2001, but there is no deadline by which customers must respond. Your right to “opt out” of the information-sharing process is ongoing and may be invoked at any time.
Most importantly, you must contact every financial institution with which you do business to completely “opt out” of the information-sharing process. The phone number given in the message quoted above (1-888-5OPTOUT) applies only to credit bureaus. Calling this number will not affect the ability of any banks, insurance companies, credit card companies, brokerage firms, or any other financial institutions with which you do (or have done) business from sharing your information.
The bottom line is that laws regarding the selling of personal information by financial institutions have become more stringent recently, not less. The changes may not have made the laws as stringent as we’d like them to be, but at least they’re a step in the right direction, not the scare stories these messages make them out to be.
Consumer Credit File Privacy: The Real Deal (Federal Trade Commission)
Protecting Financial Privacy (Privacy Rights Clearinghouse)