The Fair Credit Reporting Act helps protect consumer privacy by limiting access to personal financial data. The FCRA has strictly defined parameters that entities must follow in order to access this data. These parameters define who may access the data and what that data may be used for.
Entities That May Access Credit Report Information
Under the FCRA, entities must prove that they have a valid need to access an individual’s credit reports. Information within an individual’s credit report may be accessed by the following:
- Creditors when an individual seeks to obtain new credit.
- Landlords when an individual seeks to initiate a lease of a residential or commercial property.
- Insurance providers when an individual wants to open a policy.
- Utility Companies setting up utility services.
- Courts may also request copies of an individual’s credit report via subpoena for child support or other law enforcement purposes.
- Employers may access the data within a credit report if the individual gives their consent for the release of this information. However, under no circumstances can an employer seek and receive this information without this consent.
Finally, potential creditors and insurer’s are allowed to view an individual’s credit history in order to prescreen prospective clients and solicit them with offers. However, they are limited in how they may use this data, and are not allowed to do so if the individual has opted out of receiving prescreened offers. Companies that send these offers after an individual has opted out of prescreening are violating the individual’s rights under the FCRA.
Violations of a Consumer’s Privacy Rights
One of the most common violations of the FCRA involves entities accessing credit report information for advertising purposes. Whether it is to advertise a new credit card or to offer debt relief services, these actions are almost always violations of the FCRA. Individuals who believe their information is being used illegally in this regard should speak with an FCRA attorney to discuss the appropriate remedies.
Documenting Privacy Violations
Individuals should keep detailed records of their contact with entities who have illegally accessed or deliberately misused information garnered from credit reports and other financial data such as bank accounts, etc. These records should be properly organized to show the contact history with the entity and the responses they have provided. This information can be presented to the court to establish the deliberate and negligent actions of the entity and the harm those actions have caused.