I would have no issue bankrupting firms like Equifax over data breaches. If the value of the business cannot outweigh the harm of data breaches then it shouldn’t be considered a viable business.
It’s a total joke that these business are not bankrupted by class actions against them. They just give out a token amount and FIVE YEARS of credit monitoring, as if such half-assed attempt at mitigation is good enough. They have legal licence to injure people who had effectively no meaningful ability to consent to having their data harvested.
Sell off the company and give the proceeds to the victims.
simple answer is you can't, because these mechanisms are used by other people to find information about you. The only way to opt out is to not use any services which participates in this ecosystem.
basically, use only cash (no debit or credit cards ever), no housing purchase, live in a tent on public land, do not register for a driver's license, and don't have a passport. No internet account, so no bitcoin (which needs a steady internet connection) - crypto currencies are not the answer because they depend on you being online, and it's super easy to get caught in the mesh with the KYC (know your customer) laws.
You might be able to get by with paper bitcoin but no one really wants to take your offline coins.
don't get any traffic tickets or cross paths with police, always avoid anyone who looks like they are in some kind of authority capacity.
By not using a bank, using a credit card, taking a loan, or being employed. Basically everyone that collects the SSN gives the SSN and other info to these companies.
Don't take out any loans or sign up for subscription plans. Pay for everything up-front and you don't need them.
But for the average person who want to buy a phone, put it on a plan, and walk out - that is not possible without Equifax, Experian, etc providing an instant credit score.
Thanks to so many breaches at various places I have gotten free identity theft protection from two or three providers for many years meanwhile. I'm just waiting for leaks to happen to the identity theft protection providers, so that I can stack up more free protection!
I've always wondered why individuals don't sue companies like Equifax when their "identities are stolen" - if course they were never stolen, Equifax leaked your data that someone else used.
Surely they should be held responsible for whatever happens as a result of that.
A lot of people did take Equifax to court, and many of them settled.[1]
But how does an individual demonstrate damages to a judge? Equifax leaked data on more than 150 million people. If a hypothetical business leaks data about an individual today, there is a good chance that data was already leaked by Equifax. So what additional harm did that hypothetical business inflict on that individual?
The discussion we need to be having is why it's somehow the consumer's fault that their data was leaked. Someone can find your SSN and other private information in a leak, dupe a bank into giving them cash, and now it's your responsibility to resolve this situation? How about the banks figure out a better identity verification system that allowed a bad actor to open the account in the first place?
I froze my credit, I have yet to suffer any meaningful financial damage. As litigious as America is, there typically has to be some sort of financial impact for a lawsuit to be viable.
I don't know what to sue over that would harm them enough to make it worth my time. And I am extremely vindictive about credit bureau bullshit. I don't care if I benefit from the lawsuit, I'd do it purely out of spite if I thought they'd notice.
I suspect that it's hard to prove where the 'identity thief' acquired the information, though the standard of proof is usually relatively low for civil cases.
It’s a total joke that these business are not bankrupted by class actions against them. They just give out a token amount and FIVE YEARS of credit monitoring, as if such half-assed attempt at mitigation is good enough. They have legal licence to injure people who had effectively no meaningful ability to consent to having their data harvested.
Sell off the company and give the proceeds to the victims.