{"took":153,"timed_out":false,"_shards":{"total":5,"successful":5,"skipped":0,"failed":0},"hits":{"total":{"value":40,"relation":"eq"},"max_score":null,"hits":[{"_index":"complaint-public-v1","_id":"18900327","_score":21.605486,"_source":{"product":"Debt collection","complaint_what_happened":"On XX/XX/year>, a debt collection company sent me an unsolicited XXXX  text message that included a photo of a full collection notice for an alleged medical debt. The image contained sensitive personal information, including my full name, home address, account numbers, and the name of a healthcare provider. \n\nThe same text message included a shortened web link to access a full XXXX  of the document and stated that the password to open the document was my ZIP code. Using a commonly known or easily guessable identifier as a password does not constitute reasonable security and increased the risk of unauthorized access. \n\nI did not consent to receiving sensitive debt or medical billing information by text message, nor did I consent to receiving documents protected only by weak authentication. Transmitting this information via XXXX  and a link protected solely by a ZIP code created a risk of third-party disclosure through lock-screen previews, shared device access, misdirected messages, or interception. not to mention the zip was viewable in the image sent. \n\nThis communication method was inappropriate for transmitting sensitive personal and medical debt information and appears inconsistent with FDCPA requirements and CFPB guidance regarding electronic communications, data minimization, and consumer privacy. \n\nThe company initiated contact using XXXX  instead of U.S. mail and disclosed more personal information than necessary for an initial communication.","date_sent_to_company":"2026-01-21T20:05:39.000Z","issue":"Electronic communications","sub_product":"Medical debt","zip_code":"37040","tags":"Servicemember","has_narrative":true,"complaint_id":"18900327","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Community Health Investment Company, LLC.","date_received":"2026-01-21T19:51:11.000Z","state":"TN","company_public_response":null,"sub_issue":"Used obscene, profane, or other abusive language"},"highlight":{"complaint_what_happened":["Transmitting this information via XXXX  and a link protected solely by a ZIP code created a <em>risk</em> of third-party disclosure through lock-screen previews, shared device <em>access</em>, misdirected messages, or <em>interception</em>. not to mention the zip was viewable in the image sent."]},"sort":[21.605486,"18900327"]},{"_index":"complaint-public-v1","_id":"21628102","_score":19.528751,"_source":{"product":"Credit card","complaint_what_happened":"I am submitting a complaint regarding unsolicited super checks / convenience checks mailed by Wells Fargo in connection with my credit card account. I established this credit line approximately 21 years ago and, to my knowledge, I never authorized the production or issuance of super checks on my account. \n\nThe production and mailing of these checks compromises the security of my account because the routing number and account number are printed at the bottom of the checks, and these checks were produced and mailed without my knowledge or consent. In addition, this appears to be a potentially predatory lending practice, as these checks provide no benefit to me as the consumer. \n\nI did not request, authorize, or consent to receiving these checks. Wells Fargo nevertheless sent negotiable checks tied to my available credit line through the mail and without a credit limit on the checks potentially opening me up to further liability on the account. \n\nI believe this practice creates unnecessary security and consumer protection risks. Mailing live negotiable instruments linked to a credit account increases the risk of theft, interception, fraud, unauthorized use, or misuse if the checks are lost or stolen. It also encourages high-interest debt through unsolicited access to credit. \n\nI am particularly concerned that this product was issued without my affirmative request or prior approval. I view the unsolicited mailing of credit-access checks as an unfair and potentially predatory lending or marketing practice, especially where consumers may not fully appreciate the fees, APR, balance-transfer terms, cash-advance treatment, or fraud risks associated with using such checks.\n\nI previously raised this issue directly with Wells Fargo through its internal complaint process. Despite that, I am seeking regulatory review of whether this practice is consistent with fair consumer treatment and adequate account-security standards.\n\nI also request that the CFPB review whether Wells Fargos unsolicited issuance of these checks may constitute an unfair, deceptive, or abusive practice, particularly where consumers did not request the product and where security risks are shifted to the consumer.","date_sent_to_company":"2026-04-27T15:35:50.000Z","issue":"Advertising and marketing, including promotional offers","sub_product":"General-purpose credit card or charge card","zip_code":"95120","tags":null,"has_narrative":true,"complaint_id":"21628102","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"WELLS FARGO & COMPANY","date_received":"2026-04-27T15:23:24.000Z","state":"CA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Confusing or misleading advertising about the credit card"},"highlight":{"complaint_what_happened":["I believe this practice creates unnecessary security and consumer protection <em>risks</em>. Mailing live negotiable instruments linked to a credit account increases the <em>risk</em> of theft, <em>interception</em>, fraud, <em>unauthorized</em> use, or misuse if the checks are lost or stolen. It also encourages high-interest debt through unsolicited <em>access</em> to credit. \n\nI am particularly concerned that this product was issued without my affirmative request or prior approval."]},"sort":[19.528751,"21628102"]},{"_index":"complaint-public-v1","_id":"17306433","_score":16.371994,"_source":{"product":"Checking or savings account","complaint_what_happened":"I am filing a complaint regarding Chase Bank 's mishandling of a serious Account Takeover, mail theft, and unauthorized ATM withdrawals, purchases, and electronic transfers incident totaling almost {$17000.00}. There are multiple claims open due to the fact that criminals had access to 2 bank accounts ( one savings, one checking ), and used several methods for stealing ( ATM withdrawals, in-store purchases, and electronic transfers ). For the claim on the checking account, Chase has denied my claim twice, despite clear evidence of account takeover, procedural failures, and violations of Regulation E. \n\n1. Criminals accessed my online Chase account before contacting me They referenced my exact recent Chase transactions, including : - A {$390.00} XXXX purchase - My {$2200.00} XXXX payment to XXXX XXXX  This information is only visible inside my Chase account. This proves unauthorized access and establishes that this was an Account Takeover, not \" customer-authorized activity. '' 2. Chase canceled my debit card and issued a new card at the request of the criminals I did NOT request a new debit card or authorize cancellation of my existing one. \nThis means Chase processed a high-risk action ( card cancellation + replacement issuance ) without verifying my identity.\n\nThis is a procedural failure by Chase 's fraud prevention and customer authentication processes.\n\n3. The replacement debit card was stolen from the mail The criminals intercepted the replacement card and used it with the PIN they socially engineered. This is federal mail theft.\n\n4. The criminals withdrew money, used it for purchases, and electronic transfers using the stolen card I did NOT authorize these withdrawals, purchases, and transfers. I was not present, and I do not know the individuals. ATM surveillance footage exists and will show the thief.\n\n5. Chase incorrectly denied my claim twice Chase incorrectly classified the fraud as \" customer provided PIN '', which is factually and legally incorrect.\n\nThe fraud involved : Unauthorized access to my online account, Caller ID spoofing, Mail theft, A stole physical debit card, Unauthorized ATM withdrawals, Unauthorized purchases using social engineering, unauthorized electronic transfers, A procedural failure by Chase in issuing a card I never requested Under regulation E, I am not liable for unauthorized electronic fund transfers that result from account takeover or bank error. Chase continues to deny my claim despite evidence that this was NOT customer-authorized. \n\n6. I have filed all required reports- Chicago Police Department Report - Report the stolen package to UPS - FTC Identity Theft Affidavit - Executive Office escalation at Chase I am requesting that the CFPB require Chase to : - Reclassify my claim and all my claims under Account Takeover + Unauthorized Transaction + Mail Theft - Conduct a full investigation of their procedural failure in issuing a debit card without my authorization - Reimburse me for all unauthorized withdrawals, transfers and purchases as required by Regulation E - Provide written findings justifying their previous denials This situation has created significant financial stress and emotional distress. \nI am simply requesting that Chase apply federal consumer protections correctly and take responsibility for their internal failures that enabled fraud.","date_sent_to_company":"2025-11-17T16:04:39.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"60611","tags":null,"has_narrative":true,"complaint_id":"17306433","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"JPMORGAN CHASE & CO.","date_received":"2025-11-17T15:28:29.000Z","state":"IL","company_public_response":null,"sub_issue":"Problem using a debit or ATM card"},"highlight":{"complaint_what_happened":["The fraud involved : <em>Unauthorized</em> <em>access</em> to my online account, Caller ID spoofing, Mail theft, A stole physical debit card, <em>Unauthorized</em> ATM withdrawals, <em>Unauthorized</em> purchases using social engineering, <em>unauthorized</em> electronic transfers, A procedural failure by Chase in issuing a card I never requested Under regulation E, I am not liable for <em>unauthorized</em> electronic fund transfers that result from account takeover or bank error."]},"sort":[16.371994,"17306433"]},{"_index":"complaint-public-v1","_id":"18419242","_score":14.377159,"_source":{"product":"Checking or savings account","complaint_what_happened":"I. EXECUTIVE SUMMARY I, XXXX XXXX, hereby formally declare that I am the victim of a sophisticated identity theft and hardware compromise event that occurred between XX/XX/XXXX, and XX/XX/XXXX. Unauthorized perpetrators utilized a compromised mobile deviceinfected via a malicious link from truserfmobile.comand stolen physical credentials to bypass security protocols. This resulted in {$11000.00} in fraudulent transfers to the merchant XXXXXXXX XXXX XXXX XXXX XXXX XXXX. \nThis statement is supported by objective forensic data from XXXX XXXX, XXXXXXXX XXXX XXXX  and XXXX XXXX XXXX XXXX, etc.. Furthermore, I have filed official sworn statements with the Federal Trade Commission ( Report # XXXX ) and the FBI Internet Crime Complaint Center to pursue criminal prosecution of the perpetrators. \n\n1. Communication Interception ( SMS & Email ) The perpetrators utilized a dual-vector attack to suppress all security notifications sent to my devices : SMS/Text Message Interception : XXXX and Stripe sent Multi-Factor Authentication ( MFA ) codes to my mobile number ending in XXXX. These messages were filtered directly to \" Spam '' or intercepted via screen mirroring. \nEvidence : XXXX XXXX logs show codes XXXX, XXXX, XXXX, XXXX, XXXX, etc. were sent and immediately entered by the attackers between XX/XX/XXXX and XX/XX/XXXX via either email or sms interception. \nEmail XXXX ( XXXX XXXX  ) : On XX/XX/XXXX, XXXX XXXX issued a \" Spike in user-reported spam '' alert. \nEvidence : XXXX messages were flooded into my inbox in the 5 day window mentioned to bury legitimate fraud alerts. \nXXXX. XXXX XXXX XXXX  ( XXXX XXXX Logs ) XXXX XXXX document a massive deviation in data usage on XX/XX/XXXX, consistent with the download of a malicious payload or mirroring software. \nNormal Usage ( XX/XX/XXXX ) : XXXX GB Breach Usage ( XX/XX/XXXX ) : XXXX GB Conclusion : This 1000 % spike confirms the active data exfiltration/mirroring payload coinciding with the accidental click on the truserfmobile.com link. \nXXXX. Device Activity Anomaly ( XXXX XXXX Logs ) System logs confirm the device was \" Active '' for extreme durations during the fraud window, indicating a XXXX XXXX XXXX  ( XXXX  ) or script was controlling the screen XXXX. \nXX/XX/XXXX ( XXXX XXXX ) : 112 % Battery Usage / XXXX hours XXXX minutes active screen time. \nXX/XX/XXXX : 94 % Battery Usage / XXXX hours and XXXX minutes of active screen time XX/XX/XXXX ( XXXX Day ) : 139 % Battery Usage / XXXX hours and XXXX minutes of active screen time XX/XX/XXXX ( Peak Fraud Day ) : 149 % Battery Usage / 12 hours and 43 minutes of active screen time. \nXX/XX/XXXX : 128 % Battery Usage / XXXX hours XXXX minutes active screen time. \nXX/XX/XXXX : 99 % XXXX XXXX XXXX hours and XXXX minutes of active screen time XX/XX/XXXX : 72 % XXXX XXXX XXXX hrs and XXXX minutes of active screen time XXXX. Carrier Validation of Security Breach ( XXXX XXXX ) Official Finding : On XX/XX/XXXX, XXXX XXXX formally investigated the device 's behavior and declared the hardware \" compromised by a security breach. '' Remediation : XXXX immediately issued Replacement Order # XXXX, citing \" Reason XXXX : User content lost or no access '' and noting the device needed replacement \" due to safety reasons. \". \nPossession vs. Control : While the compromised device remains temporarily in my possession pending the arrival of the replacement unit, XXXX expert analysis confirms that the device was subject to external control/mirroring. The fact that I physically hold the device does not imply I authorized the transactions ; rather, I am preserving the compromised hardware as forensic evidence. \n\nI vigorously assert that I have zero prior history of sports betting, online gambling, or high-risk trading on any of my financial accounts. A comprehensive review of my banking history with Chase, XXXX XXXX and XXXX XXXX confirms that since the inception of these accounts, there has never been a single transaction to merchants such as XXXX, XXXX, XXXX, or similar entities. The sudden, high-volume activity with XXXX XXXX XXXX XXXX of bets placed in days ) is completely anomalous and inconsistent with my established financial behavior which can be verified with financial statements from all affected banks. \nVI. FINAL ATTESTATION I, XXXX XXXX, declare under penalty of perjury that the foregoing is true and correct. I did not authorize transactions listed in that affidavit. The fraud was facilitated by a hardware compromise ( XXXX XXXX ), the interception of SMS verification codes, email XXXX, and the exploitation of my pre-existing biometric authentication with XXXX I hold {$0.00} in illicit credits and authorize XXXX XXXX to reclaim all funds remaining in the fraudulent account.","date_sent_to_company":"2026-01-02T13:57:15.000Z","issue":"Problem with a lender or other company charging your account","sub_product":"Checking account","zip_code":"07107","tags":null,"has_narrative":true,"complaint_id":"18419242","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"JPMORGAN CHASE & CO.","date_received":"2026-01-02T13:43:52.000Z","state":"NJ","company_public_response":null,"sub_issue":"Transaction was not authorized"},"highlight":{"complaint_what_happened":["Communication <em>Interception</em> ( SMS & Email ) The perpetrators utilized a dual-vector attack to suppress all security notifications sent to my devices : SMS/Text Message <em>Interception</em> : XXXX and Stripe sent Multi-Factor Authentication ( MFA ) codes to my mobile number ending in XXXX. These messages were filtered directly to \" Spam '' or <em>intercepted</em> via screen mirroring."]},"sort":[14.377159,"18419242"]},{"_index":"complaint-public-v1","_id":"18961827","_score":14.210066,"_source":{"product":"Checking or savings account","complaint_what_happened":"I am submitting this complaint to formally report a serious fraud incident involving my Citibank account ending in XXXX, in which I was coerced under false pretenses into withdrawing and transferring {$21000.00}. This loss was not the result of ordinary consumer error, but rather a series of systemic failures by Citibank in safeguarding my account, responding to clear fraud indicators, and following required security and teller protocols. \n\nOn XX/XX/year>, I began receiving spoofed phone calls that appeared to originate directly from Citibanks fraud department. These callers possessed highly specific personal and account information that I never provided to theminformation that should have been accessible only to Citibank. When I attempted to verify the calls by dialing the number on the back of my debit card, the call was routed back to these same individuals. On XX/XX/year>, when I attempted to call Citibank again, I received an automated message stating that Citibank could not take my call at that time. \n\nUnder the belief that I was assisting Citibank with an internal fraud investigation, I was instructed to go to the Citibank branch located at XXXX XXXX XXXX, XXXX  XXXX, CA, on the morning of XX/XX/year>, to attempt withdrawals. At that time, my account had already been flagged for suspicious activity for approximately 48 hours. My debit card had been locked, there had been unauthorized attempts to change my online access credentials, suspicious payees had been added, and unusual login activity had occurred from multiple new devices.\n\nDespite these clear and significant fraud indicators, the branch teller and branch manager allowed me to withdraw large sums of money without meaningful questioning, escalation, or enhanced verification. The teller even instructed me to re-enter information in response to an automated Citibank email prompt instead of halting the transaction. The manager ultimately approved the withdrawal despite the high-risk nature of the activity and the multiple red flags already present on my account.\n\nImmediately after the withdrawal, I was coerced into handing over the funds to individuals outside the branch, including a man driving a XXXX XXXX XXXX, who claimed to be with Citibank. I was falsely told that my account had already been reimbursed and that I would see the funds restored once my new debit card arrived. Following this, multiple wire transfers were initiated to an unknown individual, effectively emptying the remaining funds in my account.\n\nCitibanks failures continued even after I reported the fraud. When I called to block my account, Citibank only locked my debit card and left my checking account active. As a result, on XX/XX/year>, multiple loans were attempted to be opened using my account. I had to call again on XX/XX/year>, to have the entire account properly locked. Additionally, I received delayed fraud alerts due to spoofing and interception tactics, leaving me without timely or effective warning from Citibank during a critical period.\n\nThis incident reflects multiple institutional failures by Citibank, including : 1 ) Failure to protect customer data, as the perpetrators possessed detailed internal account information I never disclosed.\n\n2 ) Failure to stop suspicious account activity, despite numerous security alerts, unauthorized access attempts, and a locked debit card.\n\n3 ) Failure of teller and branch management protocols, by approving high-risk withdrawals without appropriate verification or escalation.\n\n4 ) Failure in account closure procedures, allowing continued exploitation even after fraud was reported.\n\n5 ) Delayed and ineffective fraud notification systems, which left me exposed during an active fraud event.\n\nCitibanks expansion of telebanking and digital services carries an increased responsibility to protect consumers and proactively warn them of emerging fraud risks. In my case, critical guidance and protections were either absent or delayed until after the financial harm had already occurred. This failure represents not only a breach of trust, but a serious breakdown in consumer financial protection that warrants regulatory intervention.","date_sent_to_company":"2026-01-23T19:16:44.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"95621","tags":null,"has_narrative":true,"complaint_id":"18961827","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CITIBANK, N.A.","date_received":"2026-01-23T18:42:11.000Z","state":"CA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Problem using a debit or ATM card"},"highlight":{"complaint_what_happened":["This incident reflects multiple institutional failures by Citibank, including : 1 ) Failure to protect customer data, as the perpetrators possessed detailed internal account information I never disclosed.\n\n2 ) Failure to stop suspicious account activity, despite numerous security alerts, <em>unauthorized</em> <em>access</em> attempts, and a locked debit card.\n\n3 ) Failure of teller and branch management protocols, by approving high-<em>risk</em> withdrawals without appropriate verification or escalation.\n\n4 ) Failure in account"]},"sort":[14.210066,"18961827"]},{"_index":"complaint-public-v1","_id":"12317166","_score":14.11886,"_source":{"product":"Checking or savings account","complaint_what_happened":"Dear CFPB, I am writing to formally file a complaint regarding a series of unauthorized activities on my checking account, as well as the denial of my fraud claim by Bank of America. \n\nOn XX/XX/XXXX, in the early morningwhile the bank was not yet XXXX received an email stating that my bank password had been changed, an action I did not authorize. I immediately logged into my account and reset my password, believing that this would prevent further unauthorized access and protect my funds. However, shortly thereafter, I began receiving additional emails from the bank indicating that the contact information in my account was being altered. Specifically, while my account initially had two phone numbers ( one for me and one for my daughter ) along with my email address, the fraudsters deleted my daughters phone number and changed my email address to one they created. They have control of my phone number and as a result, all the contact information on my account came under their control, leaving me unable to manage or secure my account. Eventually, I was unable to log into my online banking and could no longer verify whether my funds were still intact. \n\nWhen I arrived at my local branch first thing that morning, I was informed that there were several large, suspicious transactions in my checking account. I was told that two unauthorized transactions had been processed and several others were still pending. Although some of these transactions were reversedpresumably after the bank detected the duplicated large transactionsmost were directed to a company called XXXX Texas, with which I have no business relationship as I reside in California. Additionally, the banker noted that someone had even ordered debit cards on my behalf. \n\nI promptly filed fraud claims with Bank of America for all of these unauthorized transactions and was told the money will return in XXXX business days. While as of today, one claim resulted in a temporary credit but still invesgating, another was denied with the explanation that the charge was authorized by you or made by someone who has permission to use the card or account. This reasoning is incorrect, as none of these transactions were authorized by me. Furthermore, I am concerned that even the temporary credit may later be reversed.\n\nI also believe that the banks reliance solely on phone numbers for identity verification presents a significant security vulnerability. Fraudsters canand in my case, didgain control of phone numbers to intercept security codes and manipulate account information. Despite being the legitimate account holder, the fraudsters control of my phone number prevented me from receiving security codes, leading the bank to mistakenly assume that I was not the authorized user. This practice poses a serious risk and highlights a major flaw in the banks security protocols. \n\nI respectfully request that the CFPB investigate this matter to ensure that proper procedures are followed in handling fraudulent activities and to protect consumers from being held responsible for unauthorized transactions. \n\nThank you for your prompt attention to this serious issue. I am prepared to provide any additional information or documentation as needed. \n\nSincerely, XXXX XXXX","date_sent_to_company":"2025-03-04T17:12:37.000Z","issue":"Problem with a lender or other company charging your account","sub_product":"Checking account","zip_code":"91752","tags":null,"has_narrative":true,"complaint_id":"12317166","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"BANK OF AMERICA, NATIONAL ASSOCIATION","date_received":"2025-03-04T16:52:24.000Z","state":"CA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Transaction was not authorized"},"highlight":{"complaint_what_happened":["Dear CFPB, I am writing to formally file a complaint regarding a series of <em>unauthorized</em> activities on my checking account, as well as the denial of my fraud claim by Bank of America. \n\nOn XX/XX/XXXX, in the early morningwhile the bank was not yet XXXX received an email stating that my bank password had been changed, an action I did not authorize. I immediately logged into my account and reset my password, believing that this would prevent further <em>unauthorized</em> <em>access</em> and protect my funds."]},"sort":[14.11886,"12317166"]},{"_index":"complaint-public-v1","_id":"12111295","_score":13.080202,"_source":{"product":"Checking or savings account","complaint_what_happened":"Please consumer financial bureau wish you were coming to you and I regards to the amazing experience we have a city besidely that's not even the closest thing to the case not only will we kept out of our accounts It kept but tell knowledge of what exactly was going on with our account but we were framed and treated as criminals My mother remind you has had a relationship with anything for 30 plus years and has never been treated so low like she has been made to feel when she calls in or I do Our names in the joint account are. \nXXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXXXXXX Email XXXX Phone number XXXX XXXX the XXXX XXXX  Account and routing numbers XXXX XXXX Consumer Financial Protection Bureau XXXX XXXX XXXX, XXXX XXXX XXXX XXXX XXXXXXXX Subject : Urgent Complaint Regarding Fraudulent Transactions and Mishandling of Joint Checking Account by Citibank Dear Consumer Financial Protection Bureau, I am writing to formally lodge a complaint against Citibank regarding severe breaches in security and the mishandling of a joint checking account under the names of XXXX and XXXX XXXX. Between the months of XXXX and XXXX, our account was compromised three separate times, leading to significant financial distress, emotional turmoil, and a dire impact on our well-being. \n\nDespite our best efforts to secure our account, an unknown individual or individuals gained access to our banking information in ways that remain unclear. We do not know if a skimmer was involved, but my personal information, including my name and Social Security number, was found on the dark web. Additionally, a persistent, unidentified phone number repeatedly bypassed Citibanks security measures and gained access to our banking details. This number was never authorized or verified by us, yet it was inexplicably allowed to override all security protocols, linking a digital wallet to our account without our consent. \n\nAs a result, multiple unauthorized transactions took place, many of which we could not see or did not recognize. Adding to our distress, important banking mail that should have been delivered was either intercepted or never arrived, leaving us unaware of crucial account activities. The financial losses we suffered were devastating. Our rent went unpaid, putting us at risk of eviction, and our car is now facing repossession. The emotional and financial toll of these violations has left us in a state of extreme hardship, especially through the holiday season. \n\nWhat is most infuriating is that Citibank has treated us as if we are the ones responsible for this fraud, rather than being victims of a severe security lapse on their part. Instead of following standard security proceduressuch as requiring in-person verification for major account changes, as they have done with us in the pastthey allowed this unauthorized individual to repeatedly access our funds remotely. If we, as account holders, were required to verify our identity in person, why was this same standard not applied to the fraudster who accessed our account multiple times? \n\nWe feel that Citibank has spread falsehoods regarding this situation and has failed to take accountability for their lack of proper security enforcement. Their failure to protect our account has caused immeasurable financial strain and emotional distress, leaving us in a position where we could not even access our own hard-earned money. Instead of helping to rectify the issue, Citibank has only added to our stress by dismissing our concerns and failing to properly investigate how these breaches occurred. \n\nAt this point, we are left with no other choice but to seek intervention. We request that the Consumer Financial Protection Bureau launch an investigation into Citibanks handling of this matter, including their failure to prevent repeated unauthorized access, their inadequate security measures, and their unfair treatment of us as victims of fraud. We demand a full review of the fraudulent transactions, proper restitution for the financial damages suffered, and an explanation as to how and why this repeated breach was allowed to occur. \n\nThe emotional and financial impact of this ordeal has been devastating. We have lost faith in Citibanks ability to safeguard our funds, and as a result, we are considering terminating our relationship with the bank. However, before doing so, we need answers and accountability. We trust that the Consumer Financial Protection Bureau will take this matter seriously and ensure that Citibank is held responsible for their negligence. \n\nThank you for your time and attention to this matter. I look forward to your prompt response. \n\nNot treated sincerely yet sincerely from XXXX and XXXX XXXX","date_sent_to_company":"2025-02-17T06:16:48.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"90808","tags":"Servicemember","has_narrative":true,"complaint_id":"12111295","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CITIBANK, N.A.","date_received":"2025-02-17T06:09:10.000Z","state":"CA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Deposits and withdrawals"},"highlight":{"complaint_what_happened":["As a result, multiple <em>unauthorized</em> transactions took place, many of which we could not see or did not recognize. Adding to our distress, important banking mail that should have been delivered was either <em>intercepted</em> or never arrived, leaving us unaware of crucial account activities. The financial losses we suffered were devastating. Our rent went unpaid, putting us at <em>risk</em> of eviction, and our car is now facing repossession."]},"sort":[13.080202,"12111295"]},{"_index":"complaint-public-v1","_id":"15289051","_score":12.376451,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"This is a formal legal demand submitted via the Consumer Financial Protection Bureau complaint process. It is not an item dispute under FCRA 611 and is not to be handled via the e-OSCAR automated system. It requires direct compliance review by your legal and compliance departments. \n\nPursuant to my rights under multiple federal and state laws, you are required to produce all data your company maintains, transmits, or uses about me, whether or not you classify it as part of a consumer file, including all suppressed, archived, and lender-facing datasets. \n\nGoverning Laws and Obligations Fair Credit Reporting Act ( 15 U.S.C. 1681 et seq. ) : 603 ( d ) Consumer report includes any communication of information used to determine eligibility for credit, insurance, employment, or other permissible purposes. \n\n609 ( a ) ( 1 ) - ( 3 ) Full file disclosure, all sources of information, all recipients within the statutory periods.\n\n607 ( b ) Duty to follow reasonable procedures to assure maximum possible accuracy. \n\n611 ( a ) ( XXXX ) XXXX reinvestigation and full disclosure timelines. \n\n605 ( a ) Prohibition on reporting obsolete information.\n\n605B Duty to block information resulting from identity theft.\n\nFair Credit Billing Act ( 15 U.S.C. 16661666j ) : Any reported account status derived from a billing error constitutes a violation if not corrected. \n\nFair Debt Collection Practices Act ( 15 U.S.C. 1692e ( 8 ) ) : Prohibition against communicating false credit information ; applicable to any data received from debt collectors and published by you. \n\nXXXX XXXX ( 15 U.S.C. 68016809 ) & Regulation P : Full disclosure of all nonpublic personal information, all affiliate and non-affiliate data-sharing, and safeguards compliance. \n\nFTC Act ( 15 U.S.C. 45 ) : Prohibits unfair or deceptive acts or practices, including maintaining and furnishing inaccurate, outdated, or suppressed negative information to third parties. \n\nRight to Financial Privacy Act ( 12 U.S.C. 34013422 ) : Prohibits unauthorized access to and dissemination of financial records. \n\nElectronic Communications Privacy Act ( 18 U.S.C. 25102523 ) : Prohibits interception or disclosure of certain telecom and electronic records without consent. \n\nFTC Safeguards Rule ( 16 CFR Part 314 ) : Requires protection against unauthorized retention and use of consumer information, including stale data.\n\nState Data Privacy Laws ( including but not limited to CCPA/CPRA, Virginia CDPA , Colorado Privacy Act, Connecticut DPA , Utah Consumer Privacy Act ) : Right to access, correct, and delete all personal data, not limited to FCRAs consumer file.\n\nState Unfair and Deceptive Acts and Practices Statutes ( UDAP ) : Broad prohibition against deceptive suppression of derogatory data while still using it in scoring. \n\nData Categories Demanded You must produce all of the following without omission or sanitization : Full consumer file under FCRA 609 ( a ) ( 1 ), including any lender-facing or phantom file used in scoring or risk assessment. \n\nAll header/identifier data ( names, SSNs, DOBs, address history, employer history ), active or archived. \n\nAll tradeline data ( open, closed, paid, charged-off, deleted, or suppressed ), including internal suppression codes and archived account records. \n\nAll public record data ( bankruptcies, liens, judgments, evictions, foreclosures ), regardless of age, whether active, archived, or suppressed. \n\nAll inquiry data ( hard, soft, internal risk/fraud inquiries, suppressed inquiries ). \n\nComplete third-party sourcing : the name, address, and data categories supplied by every entity from which you have obtained, or to which you have furnished, information about me, whether affiliated or unaffiliated, regardless of how you classify the source. \n\nAll internal risk, fraud, or proprietary scoring models in which I am included, with complete adverse reason codes and scoring criteria. \n\nComplete dispute and suppression history, including results, internal notes, suppression codes, and reinsertion logs. \n\nComplete list of all recipients of any consumer report or related dataset about me within the last XXXX  years, with the permissible purpose claimed. \n\nNon-Compliance Warning Failure to produce all requested records, or producing only a partial/sanitized file, will constitute : Willful non-compliance under FCRA 616 and 617.\n\nUnfair or deceptive acts under the FTC Act and applicable state UDAP statutes. \n\nViolation of GLBA disclosure obligations and data-safeguarding requirements. \n\nPotential violations of RFPA and ECPA if protected records are withheld or disclosed improperly. \n\nI reserve all rights to seek statutory damages, actual damages, attorneys fees, injunctive relief, and to refer evidence to the FTC, state XXXX XXXX, and appropriate federal law enforcement agencies. \n\nThis demand is being logged for evidentiary purposes. Your full compliance within the applicable statutory timelines is required.","date_sent_to_company":"2025-08-14T17:16:30.000Z","issue":"Unable to get your credit report or credit score","sub_product":"Credit reporting","zip_code":"84020","tags":null,"has_narrative":true,"complaint_id":"15289051","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CBC Companies, Inc.","date_received":"2025-08-14T17:11:54.000Z","state":"UT","company_public_response":null,"sub_issue":"Other problem getting your report or credit score"},"highlight":{"complaint_what_happened":["Right to Financial Privacy Act ( 12 U.S.C. 34013422 ) : Prohibits <em>unauthorized</em> <em>access</em> to and dissemination of financial records. \n\nElectronic Communications Privacy Act ( 18 U.S.C. 25102523 ) : Prohibits <em>interception</em> or disclosure of certain telecom and electronic records without consent. \n\nFTC Safeguards Rule ( 16 CFR Part 314 ) : Requires protection against <em>unauthorized</em> retention and use of consumer information, including stale data."]},"sort":[12.376451,"15289051"]},{"_index":"complaint-public-v1","_id":"13302870","_score":11.472542,"_source":{"product":"Debt collection","complaint_what_happened":"On XX/XX/year>, I paid {$180.00} through Radius Global Solutions online portal ( XXXX  ) to settle a {$470.00} debt, pursuant to their settlement offer letter dated XX/XX/year>, which explicitly promised the account would be resolved and closed upon payment of {$180.00} by XX/XX/year>. However, Radius Global Solutions engaged in a systematic pattern of deceptive, unfair, and abusive practices designed to obstruct my ability to document this payment, deceive me into paying more than the agreed-upon settlement amount, and cause severe emotional distress. Their actions reveal an intentional architecture of their website and company practices to exploit consumers, violating multiple federal and state laws and warranting significant restitution and a refund of my payment. \n\nIntentional Obstruction of Payment Documentation : After making the payment, the Print Receipt button on their confirmation page was non-functional. Technical analysis using browser developer tools revealed that their XXXX XXXX XXXX ( XXXX ) deliberately blocks the buttons XXXX XXXX XXXX XXXX XXXX XXXX event handler by disallowing unsafe-inline in the script-src directive. This calculated design choicewhen they could have used an Angular event binding or adjusted the XXXXprevented me from obtaining a receipt, leaving me vulnerable to false claims of non-payment and causing significant anxiety. \nRefusal to Provide Immediate Confirmation and Stalling Tactics : When I contacted Radius Global Solutions at XXXX to request confirmation of my payment, they refused to provide it immediately, claiming it would be sent in a letter in XXXX business days ( around May 1316, 2025 ). This delay is unconscionable for an electronic payment. During my calls, they employed stalling tactics by keeping me on hold for a manager for an extended period, further delaying resolution. After persistent demands, they provided a confirmation number, but only after subjecting me to undue frustration. \nForced Logouts and Deceptive Portal Design to Induce Overpayment : On multiple occasions, collection agents logged me out of the portal mid-session, forcing me to log back in repeatedly. The portal initially displayed the full {$470.00} balance as due, despite the {$180.00} settlement offer, only showing the reduced amount after navigating to the Reduced Balance Offers section. These forced logouts and the portals deceptive design appear to be deliberate tactics to deceive consumers into paying more than the agreed settlement amount, as the default display of the higher balance could mislead someone into overpaying. This reflects an intentional architecture of their website and company practices to exploit consumers, further compounding my stress and distrust.\n\nRisk of Identity Theft and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity theft and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the risk of interception or unauthorized access. Their deceptive practices and failure to provide immediate confirmation further eroded my trust in their ability to safeguard my financial and personal information, adding to my distress.\n\nStatutory Violations : FDCPA 15 U.S.C. 1692e ( False or Misleading Representations ) : The non-functional Print Receipt button, refusal to provide immediate confirmation, and portal design that defaults to the full balance while forcing logouts are deceptive, misleading me into believing I could easily document my payment and pay the agreed settlement amount, violating Section 1692e.\n\nFDCPA 15 U.S.C. 1692f ( Unfair Practices ) : The deliberate XXXX configuration, XXXX business day delay, stalling tactics, forced logouts, and portal design encouraging overpayment are unfair, exposing me to risk of false claims and unauthorized payments, violating Section 1692f.\n\nFDCPA 15 U.S.C. 1692f ( 1 ) : Attempting to collect an amount not authorized by the settlement agreement ( {$180.00} ) by designing the portal to display the full {$470.00} balance and forcing logouts to encourage overpayment violates Section 1692f ( 1 ).\n\nFDCPA 15 U.S.C. 1692d ( Harassment or Abuse ) : The forced logouts, stalling tactics, refusal to provide immediate confirmation, and deceptive portal design constitute harassment under Section 1692d, as their conduct was intended to pressure and intimidate me into overpaying.\n\nRegulation E 12 CFR 1005.9 : As an electronic payment, I am entitled to prompt documentation. Their non-functional button and delayed confirmation violate this regulation.\n\nEFTA 15 U.S.C. 1693e : The portal design and forced logouts, which push users to the full balance screen, attempt to induce an unauthorized payment beyond the {$180.00} I authorized, violating Section 1693e.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 5 ) : The forced logouts constitute intentional interference with my authorized access to the portal, impairing its functionality and causing damage to my user experience.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 4 ) : The deceptive portal design, combined with forced logouts, constitutes fraud by deception with intent to obtain a higher payment, violating Section 1030 ( a ) ( 4 ).\n\nDodd-Frank UDAAP 12 U.S.C. 5531 : The portal design, forced logouts, and delayed confirmation are deceptive, unfair, and abusive, taking advantage of my vulnerability as a debtor to pressure overpayment, violating UDAAP standards.\n\nFTCA Section 5 15 U.S.C. 45 : The portal design, forced logouts, and non-functional button are unfair and deceptive acts in commerce, violating Section 5.\n\nMinnesota Consumer Protection Laws Minn. Stat. 325F.69 : Operating in Minnesota , their deceptive digital practices ( XXXX  configuration, forced logouts, portal design ) violate state laws against unfair practices in commerce.","date_sent_to_company":"2025-05-02T16:51:12.000Z","issue":"False statements or representation","sub_product":"Credit card debt","zip_code":"716XX","tags":"Servicemember","has_narrative":true,"complaint_id":"13302870","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"Radius Global Solutions LLC","date_received":"2025-05-02T16:19:27.000Z","state":"AR","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Attempted to collect wrong amount"},"highlight":{"complaint_what_happened":["<em>Risk</em> of Identity Theft and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity theft and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the <em>risk</em> of <em>interception</em> or <em>unauthorized</em> <em>access</em>."]},"sort":[11.472542,"13302870"]},{"_index":"complaint-public-v1","_id":"13301317","_score":11.472542,"_source":{"product":"Debt collection","complaint_what_happened":"On XX/XX/scrub>XXXX XXXX XXXX I paid {$180.00} through XXXX XXXX XXXX online portal ( XXXX  ) to settle a {$470.00} debt, pursuant to their settlement offer letter dated XX/XX/scrub> XXXX XXXX which explicitly promised the account would be resolved and closed upon payment of {$180.00} by XX/XX/year>. However, XXXX XXXXXXXX XXXX engaged in a systematic pattern of deceptive, unfair, and abusive practices designed to obstruct my ability to document this payment, deceive me into paying more than the agreed-upon settlement amount, and cause severe emotional distress. Their actions reveal an intentional architecture of their website and company practices to exploit consumers, violating multiple federal and state laws and warranting significant restitution and a refund of my payment. \n\nIntentional Obstruction of Payment Documentation : After making the payment, the Print Receipt button on their confirmation page was non-functional. Technical analysis using browser developer tools revealed that their Content Security Policy ( CSP ) deliberately blocks the buttons onclick= '' window.print ( ) '' event handler by disallowing unsafe-inline in the script-src directive. This calculated design choicewhen they could have used an Angular event binding or adjusted the CSPprevented me from obtaining a receipt, leaving me vulnerable to false claims of non-payment and causing significant anxiety. \nRefusal to Provide Immediate Confirmation and Stalling Tactics : When I contacted XXXX XXXX XXXX at XXXX to request confirmation of my payment, they refused to provide it immediately, claiming it would be sent in a letter in XXXX business days ( around XXXX XXXX XXXX  ). This delay is unconscionable for an electronic payment. During my calls, they employed stalling tactics by keeping me on hold for a manager for an extended period, further delaying resolution. After persistent demands, they provided a confirmation number, but only after subjecting me to undue frustration. \nForced Logouts and Deceptive Portal Design to Induce Overpayment : On multiple occasions, collection agents logged me out of the portal mid-session, forcing me to log back in repeatedly. The portal initially displayed the full {$470.00} balance as due, despite the {$180.00} settlement offer, only showing the reduced amount after navigating to the Reduced Balance Offers section. These forced logouts and the portals deceptive design appear to be deliberate tactics to deceive consumers into paying more than the agreed settlement amount, as the default display of the higher balance could mislead someone into overpaying. This reflects an intentional architecture of their website and company practices to exploit consumers, further compounding my stress and distrust. \nRisk of Identity Theft and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity theft and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the risk of interception or unauthorized access. Their deceptive practices and failure to provide immediate confirmation further eroded my trust in their ability to safeguard my financial and personal information, adding to my distress. \nStatutory Violations : FDCPA 15 U.S.C. 1692e ( False or Misleading Representations ) : The non-functional Print Receipt button, refusal to provide immediate confirmation, and portal design that defaults to the full balance while forcing logouts are deceptive, misleading me into believing I could easily document my payment and pay the agreed settlement amount, violating Section 1692e.\n\nFDCPA 15 U.S.C. 1692f ( Unfair Practices ) : The deliberate CSP configuration, 710 business day delay, stalling tactics, forced logouts, and portal design encouraging overpayment are unfair, exposing me to risk of false claims and unauthorized payments, violating Section 1692f. \nFDCPA 15 U.S.C. 1692f ( 1 ) : Attempting to collect an amount not authorized by the settlement agreement ( {$180.00} ) by designing the portal to display the full {$470.00} balance and forcing logouts to encourage overpayment violates Section 1692f ( 1 ).\n\nFDCPA 15 U.S.C. 1692d ( Harassment or Abuse ) : The forced logouts, stalling tactics, refusal to provide immediate confirmation, and deceptive portal design constitute harassment under Section 1692d, as their conduct was intended to pressure and intimidate me into overpaying. \nRegulation E 12 CFR 1005.9 : As an electronic payment, I am entitled to prompt documentation. Their non-functional button and delayed confirmation violate this regulation.\n\nEFTA 15 U.S.C. 1693e : The portal design and forced logouts, which push users to the full balance screen, attempt to induce an unauthorized payment beyond the {$180.00} I authorized, violating Section 1693e.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 5 ) : The forced logouts constitute intentional interference with my authorized access to the portal, impairing its functionality and causing damage to my user experience.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 4 ) : The deceptive portal design, combined with forced logouts, constitutes fraud by deception with intent to obtain a higher payment, violating Section 1030 ( a ) ( 4 ).\n\nDodd-Frank UDAAP 12 U.S.C. 5531 : The portal design, forced logouts, and delayed confirmation are deceptive, unfair, and abusive, taking advantage of my vulnerability as a debtor to pressure overpayment, violating UDAAP standards.\n\nFTCA Section 5 15 U.S.C. 45 : The portal design, forced logouts, and non-functional button are unfair and deceptive acts in commerce, violating Section 5.\n\nMinnesota Consumer Protection Laws Minn. Stat. 325F.69 : Operating in Minnesota , their deceptive digital practices ( CSP configuration, forced logouts, portal design ) violate state laws against unfair practices in commerce.","date_sent_to_company":"2025-05-02T16:51:07.000Z","issue":"False statements or representation","sub_product":"Credit card debt","zip_code":"716XX","tags":"Servicemember","has_narrative":true,"complaint_id":"13301317","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CAPITAL ONE FINANCIAL CORPORATION","date_received":"2025-05-02T16:50:39.000Z","state":"AR","company_public_response":null,"sub_issue":"Attempted to collect wrong amount"},"highlight":{"complaint_what_happened":["<em>Risk</em> of Identity Theft and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity theft and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the <em>risk</em> of <em>interception</em> or <em>unauthorized</em> <em>access</em>."]},"sort":[11.472542,"13301317"]},{"_index":"complaint-public-v1","_id":"11090522","_score":10.478018,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"Bottom Line Up Front My bank, WesBanco, is not protecting my PII financial data in accordance with laws and regulations to my satisfaction. Some people may be OK with the way WesBanco handles PII financial data, but I am not. \n\nI am XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXXXXXX XXXX, XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX ). Not reporting something that I consider as a deficiency of security practices would put me in violation of the XXXX XXXX of XXXX. \n\nComplaint WesBanco recently changed their online banking service. The new service requires that if I do a transfer online, the online system will generate an UNENCRYPTED email notification that contains several pieces PII financial data. The notification of a transfer email associates my email with the last XXXX digits of several account numbers, account balances, and loan balances ( if a loan is part of the transfer ). There is no way to opt out of this email message being sent when an online transfer is made. The online interface does allow for the user to opt out of some other email notifications, but not email notifications that involve transfers. There may be other notifications associated with the online system that also require email notifications. \n\nAttempt to Resolve I brought this to their attention around XXXX when my wife and I were moved from the Wesbanco online system that we have used for years to the new ( new to us ) online system and did a transfer. After months of escalation within WesBanco, I was informed that they will not address my concern and will not rewrite the software just for me. I have been involved in software development for years. I would consider this a security patch and not a rewrite. Their claim is since it did not contain the entire account number it does not need any protections. I do understand the desire to notify users about a transfer, but do not understand the need to include PII financial data including transfer amounts, account balances, and account references ( last 4 of account number ) via UNECRYPTED email. I informed them that I would be ok with an email that simply stated that a transfer had occurred. ( note that the last XXXX numbers of an account are not themselves PII financial data, however if it is combined with email address, names, account balances it probably is. I.e. coupled data ). I now do all transfers at a teller window at a physical bank location so that an email is not generated. This is becoming more difficult since the bank hours have been shortened, requiring me to take time off work to go to the bank. \n\nQuestions XXXX. What options do I have to protect my PII financial data including account balances from being emailed in plain text? \n\nXXXX Who needs to get involved to address the issues? ( XXXX Attorney General, FDIC, etc ) XXXX. How do I protect myself from retaliation from WesBanco for reporting them? \n\nInformation Personally Identifiable Financial Information ( Financial PII ) FFIEC : Personally-identifiable financial information is any information that a financial institution obtains about a consumer in conjunction with providing a financial product or service. This includes information provided during any financial transaction. \nPersonally-identifiable financial information might include any of the items of information listed herefrom the fact that a consumer relationship exists between an individual and a financial institution to the specific account balance of that individual. \nFDIC : Personally identifiable financial information ( PII ) is any information that a financial institution obtains about a consumer that can be used to identify them : Credit card numbers, Bank account numbers, XXXX reports, The value of a consumer 's home, and whether an individual has a loan with a particular institution. \n\nGLB Gramm-Leach-Bliley ( GLB ) Act of 1999 which prohibits the disclosure of certain private information like Social Security numbers, income , and some outstanding debt. The Act, which is federally-mandated, consists of three sections : the Financial Privacy Rule which regulates the collection and disclosure of private information ; the Safeguards Rule requires financial institutions to enact security programs to protect personal information ; and the Pretexting provisions that prohibit the access of private information under false pretenses. \nThe GLB Act also determines what information can be shared and with whom. Information that is publicly available like phone numbers or addresses can be shared. Information that can not be shared is called personally identifiable financial information which is not publicly available. It includes data provided on a loan application, credit card information, account balance, payment history, purchase information, Social Security data and birth dates, and even the institution where they bank.\n\nNIST 8062 They [ the FIPPs ] are value statements rather than recipes, however. System planners often encounter difficulties when trying to operationalize them, particularly when assessing privacy risks and when establishing privacy requirements XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX defines PII XXXX information that can be used to distinguish or trace an individuals identity, either alone or when combined with other information that is linked or linkable to a specific individual.70 Circular A-130 notes that the definition is necessarily broad.71 Nonetheless, as previously noted in this report, more consideration needs to be given to the effect of cyber [ 1 ] physical systems on human behavior in the physical realm, and how it should be accounted for in a privacy risk model.72 Federal Financial Regulators Should Take Additional Actions to Enhance Their Protection of Personal Information This comment is due to HELOC balance being PII PII such as borrowers full name, account numbers, outstanding balance ( XXXX ), interest rates, and payment information. \n\nCode of Federal Regulations - PART 332PRIVACY OF CONSUMER FINANCIAL INFORMATION 332.3 section ( o ) ( 1 ) Personally identifiable financial information means any information : ( i ) A consumer provides to you to obtain a financial product or service from you ; ( ii ) About a consumer resulting from any transaction involving a financial product or service between you and a consumer ; or ( iii ) You otherwise obtain about a consumer in connection with providing a financial product or service to that consumer.\n\n( 2 ) Examples ( i ) Information included. Personally identifiable financial information includes : ( A ) Information a consumer provides to you on an application to obtain a loan, credit card, or other financial product or service; ( B ) Account balance information, payment history, overdraft history, and credit or debit card purchase information ; ( C ) The fact that an individual is or has been one of your customers or has obtained a financial product or service from you ; ( D ) Any information about your consumer if it is disclosed in a manner that indicates that the individual is or has been your consumer ; ( E ) Any information that a consumer provides to you or that you or your agent otherwise obtain in connection with collecting on a loan or servicing a loan ; ( F ) Any information you collect through an Internet cookie ( an information collecting device from a web server ) ; and ( G ) Information from a consumer report.\n\nNIST SP 800-122 How to protect PII.\n\nAbstract The purpose of this document is to assist Federal agencies in protecting the confidentiality of personally identifiable information ( PII ) in information systems. The document explains the importance of protecting the confidentiality of PII in the context of information security and explains its relationship to privacy using the Fair Information Practices, which are the principles underlying most privacy laws and privacy best practices. PII should be protected from inappropriate access, use, and disclosure. This document provides practical, context-based guidance for identifying PII and determining what level of protection is appropriate for each instance of PII. The document also suggests safeguards that may offer appropriate levels of protection for PII and provides recommendations for developing response plans for incidents involving PII.\n\nGiven the nature of interconnected networks and the use of the internet to share information, the protection of sensitive data can become difficult if proper mechanisms are not employed. Any network service that handles sensitive or valuable datawhether it is personally identifiable information ( PII ), financial data, or login informationneeds to adequately protect that data. Transport Layer Security ( TLS ) protocols were created to provide authentication, confidentiality, and data integrity protection between a client and server. The initiative to secure connections will enhance privacy, increase trust that data and services are authentic, and prevent undetected modification of data from government servers while in transit. \n\nEmail Various snippets from documents Unencrypted emails containing personally identifiable information ( PII ) are a security risk and can be a violation of privacy laws. \nSecurity risk : Unencrypted emails can be intercepted and read by unauthorized individuals. Emails travel through multiple computers before reaching the recipient and can be exposed to hackers. \nUnencrypted email is not secure for sending personally identifiable information ( PII ), such as financial data, because it can be intercepted by hackers. This can lead to identity theft, financial fraud, and reputational damage.","date_sent_to_company":"2024-12-09T16:56:02.000Z","issue":"Other service problem","sub_product":"Domestic (US) money transfer","zip_code":"45458","tags":null,"has_narrative":true,"complaint_id":"11090522","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"WESBANCO BANK, INC.","date_received":"2024-12-09T16:40:26.000Z","state":"OH","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["Email Various snippets from documents Unencrypted emails containing personally identifiable information ( PII ) are a security <em>risk</em> and can be a violation of privacy laws. \nSecurity <em>risk</em> : Unencrypted emails can be <em>intercepted</em> and read by <em>unauthorized</em> individuals. Emails travel through multiple computers before reaching the recipient and can be exposed to hackers."]},"sort":[10.478018,"11090522"]},{"_index":"complaint-public-v1","_id":"20532406","_score":10.38434,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"SWORN STATEMENT OF IDENTITY THEFT AND FRAUDULENT IMPERSONATION BY AT-LARGE ASSAILANTS Prepared for Submission to Law Enforcement and the Consumer Financial Protection Bureau XXXX CFPB ) CONFIDENTIAL FOR LAW ENFORCEMENT AND REGULATORY USE ONLY SECTION XXXX : VICTIM IDENTIFICATION VICTIM PERSONAL IDENTIFYING INFORMATION Full Legal Name : [ REDACTED On File with Filing Agency ] Social Security Number : [ REDACTED On File with Filing Agency XXXX XXXX & # XXXX ; XXXX License Number : [ REDACTED On File with Filing Agency ] State of Issue : North Carolina XXXX XXXX : STATEMENT OF FACTS I hereby declare under penalty of perjury that the following is true and correct to the best of my knowledge and belief. I am submitting this sworn statement to support a law enforcement identity theft report and a formal identity theft complaint with the Consumer Financial Protection Bureau ( CFPB ). \nMy personal identifying information including my full legal name, Social Security number, date of birth, driver & # XXXX ; XXXX license number, home address, email address, and T-Mobile telephone numbers has been compromised through a series of confirmed, publicly documented data breaches affecting major credit bureaus, data broker companies, and telecommunications providers between XXXX and XXXX. My information was contained within the compromised datasets of each of the breaches identified in XXXX XXXX of this document, to a degree and capacity that is currently unknown and XXXX be ongoing. \nAs a direct and proximate result of these breaches, XXXX ( XXXX ) at-large, unidentified assailants have been actively using my stolen identity to fraudulently represent themselves as me since approximately XXXX. \nThese individuals are in possession of sufficient personal information including but not limited to my Social Security number, date of birth, driver & # XXXX ; XXXX license number, home address, email address, and IDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY telephone numbers to convincingly pass identity verification checks across a wide range of businesses, financial institutions, government agencies, and service providers. \nDue to the extensive volume and accuracy of the stolen information available to the assailants, it is extremely difficult and in many cases practically impossible for businesses and organizations to detect, through standard verification procedures, that the individual presenting my credentials is not, in fact, me. \n\nSECTION XXXX : METHODS OF FRAUDULENT IMPERSONATION The assailant ( XXXX ) have employed the following multi-channel tactics to impersonate me across multiple jurisdictions. The sophistication and breadth of these methods is directly attributable to the comprehensive personal data made available to them through the data breaches documented herein : A. Falsified Government Identification and Documents The assailant ( XXXX ) have been providing falsified government-issued identification including driver & # XXXX ; XXXX licenses and identification cards bearing my personal information ( name, address, date of birth, Social Security number ) while displaying their own photograph or altered images. \nThese fraudulent documents have been presented to businesses, financial institutions, rental agencies, law enforcement, and other entities that rely on photo identification as a primary form of verification. \nBecause the biographical data on the fraudulent documents matches my legitimate records held by credit bureaus, data brokers, and government databases, these documents are extremely difficult to detect without biometric or forensic verification. \nThe assailants have been operating with these materials since at least XXXX and XXXX have refined their documentation over time as additional breached data became available. \n\nB. Phone Number and Two-Factor Authentication Exploitation My XXXX telephone numbers ( XXXX ) XXXX and ( XXXX ) XXXX were exposed through XXXX & # XXXX ; XXXX multiple confirmed data breaches in XXXX, XXXX, and XXXX. \nThe assailant ( XXXX ) have used these phone numbers to receive one-time passwords ( OTPs ), SMS verification codes, and two-factor authentication ( XXXX ) confirmations, allowing them to create or access accounts in my name across financial, retail, and government platforms. \nThrough SIM-swapping techniques or unauthorized account access, these numbers XXXX have been redirected to devices controlled by the assailants, enabling real-time interception of verification messages intended for me. \n\nXXXX Email Address XXXX XXXX email address has been exposed through the data breaches documented in this statement. \nThe assailant ( XXXX ) have used this email address to create, verify, or recover accounts fraudulently opened in my name. \n\nIDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY This email has been used in conjunction with my phone numbers to satisfy multi-factor authentication requirements, giving the assailants a near-complete account access and recovery capability. \n\nXXXX XXXX Address Monitoring and Mail Interception My home address is known to the assailants as a direct result of the data breaches listed herein, several of which exposed historical and current address data. \nThe assailant ( XXXX ) are believed to be monitoring mail delivery to my address through XXXX XXXX XXXX or similar postal tracking services, obtaining advance digital notice of incoming mail, financial documents, account statements, and new payment cards. \nThis allows them to intercept critical financial and identity documents including credit cards, account notifications, and government correspondence without requiring physical presence at my address at the time of delivery, and without my knowledge. \nThis method effectively disables the mail-based notification systems that would otherwise alert me to fraudulent account openings, changes to existing accounts, or other unauthorized activity. \n\nXXXX Complete Identity Package Cascading Breach Exploitation By combining data from multiple breaches SSN ( Equifax XXXX, XXXX XXXX XXXX XXXX, TransUnion XXXX ), address history ( National Public Data XXXX ), phone and account data ( XXXX XXXX XXXX ), driver & # XXXX ; XXXX license data ( XXXX XXXX, TransUnion XXXX ), and full credit report access ( XXXX  XXXX ) the assailants have assembled a complete, current identity package. \nThis comprehensive data set enables the assailants to answer knowledge-based authentication ( KBA ) security questions that financial institutions and credit bureaus use for identity verification including questions about past addresses, loan amounts, vehicle registrations, and account histories. \nThe cumulative effect of multiple breaches means that each new incident added more detail and currency to the assailants & # XXXX ; identity package, progressively making their impersonation more convincing and harder to detect. \n\nSECTION XXXX : DATA BREACHES INFORMATION COMPROMISED The following publicly confirmed data breaches are identified as sources through which the personal identifying information of \" REDACTED '' was compromised. The victim & # XXXX ; XXXX information was contained within the affected datasets of each breach listed below to an extent that is currently unknown. Each breach independently contributed to the complete identity profile now being exploited by the assailants identified in this statement. \nCompany / Entity Year Data Exposed / Incident Summary Victim Exposure Status Equifax XXXX XXXX, XXXX, addresses, driver & # XXXX ; XXXX licenses, credit history XXXX XXXX Americans affected DATA COMPROMISED IDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY XXXX XXXX Account data, SSNs, billing addresses, phone numbers XXXX XXXX records exposed DATA COMPROMISED XXXX XXXX XXXX, XXXX, driver & XXXX XXXX ; XXXX license, IMEI numbers, phone account data XXXX XXXX customers DATA COMPROMISED XXXX XXXX Full credit reports exposed via IDOR vulnerability for all XXXX consumers 47 days XXXX unauthorized access DATA COMPROMISED XXXX XXXX Consumer account hijacking identity thieves could re-register any account using a different email address DATA COMPROMISED XXXX XXXX Names, addresses, identity numbers, phone numbers, credit scores approximately XXXX XXXX consumers DATA COMPROMISED XXXX XXXX Account data, billing addresses, contact info XXXX XXXX XXXX customers affected DATA COMPROMISED XXXX & amp ; XXXX XXXX XXXX ransomware XXXX XXXX XXXX & amp ; XXXX XXXX business and consumer data accessed DATA COMPROMISED TXXXX  XXXX Names, credit scores, loan balances, passport info, employer data XXXX consumer records ( XXXX XXXX ) DATA COMPROMISED AT & amp ; T XXXX SSNs, account numbers, passcodes, contact data XXXX XXXX current and former customers DATA COMPROMISED National Public Data XXXX XXXX, full name, historical addresses, relatives & # XXXX ; data approximately XXXX XXXX records stolen DATA COMPROMISED XXXX / XXXX XXXX XXXX, XXXX, XXXX & # XXXX ; XXXX XXXX number, contact info XXXX individuals ; breach occurred XX/XX/XXXX, disclosed XX/XX/XXXX DATA COMPROMISED XXXXn XXXX SSNs, DOBs, names XXXX XXXX XXXX. \nconsumers via XXXX  vendor compromise ( breach date : XX/XX/XXXX ) DATA COMPROMISED IMPORTANT NOTE : The above list reflects publicly confirmed, documented breaches as of the date of this statement. The actual scope of compromise XXXX be broader, as additional incidents XXXX not have been publicly disclosed, and data aggregators routinely combine information from multiple breach sources. The victim & # XXXX ; XXXX inclusion in each breach is based on documented exposure of personally identifying information matching his profile during the timeframes in which he was an active consumer of each affected service. \n\nSECTION XXXX : ONGOING HARM AND CONTINUING IMPACT IDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY The identity theft being perpetrated against XXXX XXXX XXXX XXXX is active and ongoing as of the date of this statement. The harm is not limited to any single fraudulent transaction but constitutes a continuing course of criminal conduct with compounding effects : Fraudulent accounts opened in the victim & # XXXX ; XXXX name across financial, retail, telecommunications, and government service platforms, potentially spanning multiple counties and states. \nDamage to the victim & # XXXX ; XXXX credit profile through unauthorized account openings, unauthorized hard credit inquiries, and derogatory reporting by entities deceived by the assailants. \nPotential criminal record contamination the assailants XXXX be using the victim & # XXXX ; XXXX identity in connection with law enforcement encounters, arrests, or court proceedings, creating false criminal or warrant records tied to the victim & # XXXX ; XXXX name, XXXX, or driver & # XXXX ; XXXX license number. \nOngoing interception of postal and electronic communications, depriving the victim of the ability to detect and respond to fraudulent activity through normal notification channels. \nPermanent compromise of core biographic identifiers SSN and date of birth can not be changed ; driver & # XXXX ; XXXX license number is extremely difficult to change meaning the risk of future harm is indefinite and ongoing. \nSubstantial time, financial, and psychological burdens imposed by the continuous need to monitor, dispute, and remediate fraudulent activity across multiple accounts, agencies, and jurisdictions. \n\nXXXX VI : REQUESTED LAW ENFORCEMENT AND REGULATORY ACTIONS A. Police Report Multi-County Filing A formal identity theft police report should be filed in XXXX XXXX in which the assailants have been identified as, or are reasonably suspected of, impersonating XXXX XXXX XXXX XXXX. \nA report must be filed in XXXX XXXX, NC ( XXXX ) as XXXX XXXX of the victim & # XXXX ; XXXX residence and the primary jurisdiction for address-based mail interception and local fraud. \nXXXX XXXX & # XXXX ; XXXX report should reference this sworn statement, the CFPB Identity Theft Report, and all breach documentation herein. \nLaw enforcement is requested to investigate whether the assailants have used the victim & # XXXX ; XXXX identity in connection with any law enforcement encounters, criminal proceedings, or warrant activity and to correct the record accordingly. \n\nB. XXXX XXXX XXXX XXXX. XXXX XXXX XXXX ( XXXX ) : XXXX is requested for investigation of mail monitoring, mail theft, and mail fraud under XXXX XXXX. XXXX and XXXX. \nFederal Trade Commission ( FTC ) : Identity Theft Report at identitytheft.gov should be filed in conjunction with this sworn statement. \nFederal Bureau of Investigation ( FBI ) Internet Crime Complaint Center ( XXXX ) : Referral is recommended given the multi-state, multi-platform, and financially motivated nature of the fraud. \nAll applicable state and federal identity fraud statutes should be referenced, including XXXX XXXX. \nXXXX ( XXXX XXXX ) and N.C.G.S. XXXX ( Identity Theft ). \n\nIDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY XXXX CFPB Identity Theft Report and Credit Bureau XXXX A formal Identity Theft Report will be simultaneously filed with the Consumer Financial Protection Bureau ( CFPB ) at identitytheft.gov or XXXX. \nThe CFPB report, combined with this sworn statement and accompanying police report numbers, constitutes a legally recognized Identity Theft Report under the Fair Credit Reporting Act ( FCRA ), entitling the victim to : extended fraud alerts ( 7 years ), identity theft blocks on fraudulent tradelines, copies of fraudulent account applications, and the right to stop debt XXXX from collecting debts resulting from identity theft. \nSecurity freezes should be placed with all three major credit bureaus ( Equifax , XXXX XXXX  ) and specialty bureaus including XXXX XXXX XXXX, XXXX, XXXX, and XXXX. \nCopies of this document and the accompanying police report numbers should be submitted to each bureau to trigger block and investigation procedures under FCRA XXXX. \n\nSECTION XXXX : SWORN DECLARATION AND SIGNATURE I, declare under penalty of perjury under the laws of the United States of America and the State of North Carolina that the foregoing is true and correct to the best of my knowledge, information, and belief. I am the victim of identity theft as described herein. I did not authorize the use of my personal information by any of the parties referenced in this document. I authorize law enforcement, the CFPB, the FTC, and any relevant agency or financial institution to use this document in connection with the investigation and remediation of the identity theft described herein.","date_sent_to_company":"2026-03-24T07:32:04.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"27405","tags":"Servicemember","has_narrative":true,"complaint_id":"20532406","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2026-03-24T07:31:38.000Z","state":"NC","company_public_response":null,"sub_issue":"Credit inquiries on your report that you don't recognize"},"highlight":{"complaint_what_happened":["The assailant ( XXXX ) have used these phone numbers to receive one-time passwords ( OTPs ), SMS verification codes, and two-factor authentication ( XXXX ) confirmations, allowing them to create or <em>access</em> accounts in my name across financial, retail, and government platforms. \nThrough SIM-swapping techniques or <em>unauthorized</em> account <em>access</em>, these numbers XXXX have been redirected to devices controlled by the assailants, enabling real-time <em>interception</em> of verification messages intended for me."]},"sort":[10.38434,"20532406"]},{"_index":"complaint-public-v1","_id":"10914202","_score":8.082605,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to XXXX Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear XXXX Consumer Services, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" XXXX XXXX' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" XXXX '' is derived from the XXXX \" XXXX '' ( meaning \" XXXX  '' ) and the XXXX XXXX \" XXXX '' ( from \" XXXX XXXX' meaning XXXX XXXX  '' and \" XXXX '' meaning \" XXXXXXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX , or his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \n1. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681e ( b ), XXXX is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the Eastern Michigan Bankruptcy Court, which has confirmed that XXXX XXXX XXXXXXXX XXXX bankruptcy is not a matter of public record, XXXX has continued to report inaccurate bankruptcy information. This constitutes a violation of 15 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records. \nFurthermore, under 15 U.S.C. 1681c, XXXX is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXX IIIs bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of 1974 ( 5 U.S.C. 552a ). \n2. Secured Party Creditor Rights under the Uniform Commercial Code ( UCC ) Additionally, as XXXX XXXX XXXX XXXX is the Secured Party Creditor under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the Secured Party, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. XXXX and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by XXXX or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that XXXX and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX XXXX despite the court 's ruling. This is a direct violation of the Privacy Act of 1974 ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization. \nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX XXXX. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions. \nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXXXXXX XXXX personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nImmediate Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX data, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If XXXX or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has XXXX continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the Eastern Michigan Bankruptcy Court ruling that this information is not a matter of public record? \nCan XXXX provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXXXXXX XXXX credit report? \nWhat specific steps has XXXX taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has XXXX failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXXXXXX XXXX  credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can XXXX provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX to your agency? \nHow does XXXX verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does XXXX have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas XXXX paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas XXXX conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \nXXXX. Questions Regarding Penalties for Unauthorized Disclosure : What is XXXX policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs XXXX willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXX XXXXXXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is XXXX taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will XXXX agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill XXXX provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX  data? \nCan XXXX confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will XXXX ensure that all future records related to XXXX XXXX XXXX XXXX XXXX including any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan XXXX confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXX XXXX  bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does XXXX acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs XXXX prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does XXXX ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan XXXX provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is XXXX process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does XXXX plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how XXXX could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. XXXX is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on XXXX 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses. \nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals. \nNegative Financial Reputation : XXXX failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you. \n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, may cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : Employers may perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. XXXX failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from XXXX may prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors may view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security. \nXXXX. Vicarious Liability of XXXX XXXX is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that XXXX can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : XXXX, as the consumer reporting agency, is legally obligated under 15 U.S.C. 1681e ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If XXXX relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. XXXX has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, XXXX is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves XXXX open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you. \nFinancial Losses : The continuing erroneous bankruptcy information, coupled with XXXX failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, XXXX lack of action is a proximate cause of the direct financial harm you are experiencing. \nPenalties and Legal Liabilities : If XXXX or its vendors are found to have violated privacy laws or misused your data, they may be subject to financial penalties and may be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by XXXXmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. XXXX is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and XXXX must be held accountable for its actions and inaction in this matter. \n\nXXXX. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq. \nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like XXXX. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes. \n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires XXXX to maintain reasonable procedures to ensure the accuracy of the information it reports. If XXXX fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies. \n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires XXXX to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability. \n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If XXXX 's vendors acted negligently or willfully misreported data, they ( and XXXX ) could face legal consequences under this section. \nXXXX. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of XXXX governs the collection, maintenance, and dissemination of personal data by federal agencies. Although XXXX is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If XXXX and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination. \n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like XXXX. \nXXXX. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the XXXX, data ( tangible and intangible property ) is protected as part of the Secured Party 's property. \nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies. \n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If XXXX or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law. \nXXXX. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes.\n\n18 U.S.C. 1028 - Identity Theft : If XXXXs reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law. \n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If XXXX mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft. \nXXXX. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by XXXX. \nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities. \nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, XXXX could be liable for these types of privacy violations. \nXXXX. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq. \nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as XXXX and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by XXXX or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft. \n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from XXXX mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA. \n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like XXXX, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference.\n\nTortious Interference with Contractual Relations : If XXXXs false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you may claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims XXXX and its vendors may also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity. \nFraud Claims : If XXXX or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, XXXX actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if XXXX or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws. \nBy invoking these laws, you can hold XXXX and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:46.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10914202","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2024-11-24T07:41:43.000Z","state":"MI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["<em>Unauthorized</em> use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies. \n18 U.S.C. 2511- <em>Interception</em> and Disclosure of Communications : This law prohibits the <em>interception</em> and <em>unauthorized</em> disclosure of private communications."]},"sort":[8.082605,"10914202"]},{"_index":"complaint-public-v1","_id":"10907701","_score":8.069268,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to Experian Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear Experian Consumer Services, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" surname, '' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" surname '' is derived from the XXXX \" super '' ( meaning \" above '' ) and the XXXX XXXX \" XXXX XXXX' ( from \" XXXX XXXX' meaning \" XXXX XXXX' and \" XXXX '' meaning \" XXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX XXXX XXXX his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \nXXXX. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), XXXX XXXX. XXXX ( b ), Experian is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the XXXX Michigan Bankruptcy XXXX, which has confirmed that XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a matter of public record, Experian has continued to report inaccurate bankruptcy information. This constitutes a violation of XXXX5 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records.\n\nFurthermore, under 15 U.S.C. 1681c, Experian is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXX IIIs bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of XXXX ( 5 U.S.C. 552a ). \nXXXX. Secured Party Creditor Rights under the Uniform Commercial Code ( UCC ) Additionally, as XXXX XXXX XXXX XXXX is the Secured Party Creditor under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the Secured Party, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX  personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. Experian and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by Experian or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that Experian and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX XXXX despite the court 's ruling. This is a direct violation of the Privacy Act of 1974 ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization.\n\nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX Experian. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions.\n\nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXXXXXX XXXX  personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nImmediate Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX XXXX, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If Experian or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has Experian continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the Eastern Michigan Bankruptcy Court ruling that this information is not a matter of public record? \nCan Experian provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXX XXXX credit report? \nWhat specific steps has Experian taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has Experian failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXXXXXX XXXX credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can Experian provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX to your agency? \nHow does Experian verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does Experian have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas Experian paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has Experian taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has Experian taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas Experian conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \n4. Questions Regarding Penalties for Unauthorized Disclosure : What is Experians policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs Experian willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXX XXXXXXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is Experian taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will Experian agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill Experian provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX data? \nCan Experian confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will Experian ensure that all future records related to XXXX XXXX XXXX XXXX XXXX including any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan Experian confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXXXXXX XXXX bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does Experian acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs Experian prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does Experian ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan Experian provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is Experians process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does Experian plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how Experian could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. Experian is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on Experian 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses.\n\nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals.\n\nNegative Financial Reputation : Experians failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you.\n\n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, may cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : Employers may perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. Experians failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from Experian may prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors may view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security.\n\n5. Vicarious Liability of Experian Experian is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that Experian can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : Experian, as the consumer reporting agency, is legally obligated under 15 U.S.C. 1681e ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If Experian relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. Experian has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, Experian is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves Experian open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you.\n\nFinancial Losses : The continuing erroneous bankruptcy information, coupled with Experians failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, Experians lack of action is a proximate cause of the direct financial harm you are experiencing.\n\nPenalties and Legal Liabilities : If Experian or its vendors are found to have violated privacy laws or misused your data, they may be subject to financial penalties and may be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by Experianmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. Experian is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and Experian must be held accountable for its actions and inaction in this matter. \n\nXXXX. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq.\n\nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like Experian. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes.\n\n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires Experian to maintain reasonable procedures to ensure the accuracy of the information it reports. If Experian fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies.\n\n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires Experian to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability.\n\n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If Experian 's vendors acted negligently or willfully misreported data, they ( and Experian ) could face legal consequences under this section.\n\n2. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of 1974 governs the collection, maintenance, and dissemination of personal data by federal agencies. Although Experian is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If Experian and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination.\n\n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like Experian.\n\n3. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the UCC, data ( tangible and intangible property ) is protected as part of the Secured Party 's property.\n\nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by Experian or its vendors would breach these obligations.\n\n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If Experian or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law.\n\n5. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes.\n\n18 U.S.C. 1028 - Identity Theft : If Experians reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law.\n\n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If Experians mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft.\n\n6. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by Experian.\n\nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities.\n\nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, Experian could be liable for these types of privacy violations.\n\n7. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq.\n\nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as Experian and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by Experian or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft.\n\n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from Experians mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA.\n\n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like Experian, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference. \nTortious Interference with Contractual Relations : If Experians false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you XXXX claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims Experian and its vendors may also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity.\n\nFraud Claims : If Experian or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, Experians actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if Experian or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws.\n\nBy invoking these laws, you can hold Experian and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:33.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10907701","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2024-11-24T07:17:20.000Z","state":"MI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["<em>Unauthorized</em> use of this data by Experian or its vendors would breach these obligations.\n\n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- <em>Interception</em> and Disclosure of Communications : This law prohibits the <em>interception</em> and <em>unauthorized</em> disclosure of private communications."]},"sort":[8.069268,"10907701"]},{"_index":"complaint-public-v1","_id":"10906292","_score":8.069268,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to XXXX Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear XXXX XXXX XXXX, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" XXXX, '' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" XXXX '' is derived from the XXXX \" sXXXX '' ( meaning \" XXXX  '' ) and the XXXX XXXX \" sornom '' ( from \" XXXX  '' meaning \" XXXX '' and \" noXXXX '' meaning \" XXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX XXXX XXXX his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \nXXXX. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681e ( b ), XXXX is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the Eastern Michigan Bankruptcy Court, which has confirmed that XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a matter of public record, XXXX has continued to report inaccurate bankruptcy information. This constitutes a violation of 15 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records.\n\nFurthermore, under 15 U.S.C. 1681c, XXXX is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of XXXX ( 5 U.S.C. 552a ). \nXXXX. Secured Party Creditor Rights under the Uniform Commercial Code ( XXXX ) Additionally, as XXXX XXXX XXXX XXXX is the XXXX XXXX XXXX under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the XXXX XXXX, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. XXXX and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by XXXX or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that XXXX and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX , despite the court 's ruling. This is a direct violation of the Privacy Act of XXXX ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization.\n\nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX XXXX. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions.\n\nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXX XXXX  personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nXXXX Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX XXXX, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If XXXX or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has XXXX continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the XXXX Michigan Bankruptcy XXXX ruling that this information is not a matter of public record? \nCan XXXX provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXXXXXX XXXX credit report? \nWhat specific steps has XXXX taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has XXXX failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXX XXXX  credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can XXXX provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX XXXX XXXX agency? \nHow does XXXX verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does XXXX have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas XXXX paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas XXXX conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \nXXXX. Questions Regarding Penalties for Unauthorized Disclosure : What is XXXX policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs XXXX willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXXXXXX XXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is XXXX taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will XXXX agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill XXXX provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX  data? \nCan XXXX confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will XXXX ensure that all future records related to XXXX XXXX XXXX XXXX XXXX XXXX any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan XXXX confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXX XXXX  bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does XXXX acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs XXXX prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does XXXX ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan XXXX provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is XXXX process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does XXXX plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how XXXX could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. XXXX is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on XXXX 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses. \nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals. \nNegative Financial Reputation : XXXX failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you.\n\n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, XXXX cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : XXXX XXXX perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. XXXX failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from XXXX XXXX prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors XXXX view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security. \nXXXX. Vicarious Liability of XXXX XXXX is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that XXXX can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : XXXX, as the consumer reporting agency, is legally obligated under 15 U.S.C. XXXX ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If XXXX relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. XXXX has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, XXXX is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves XXXX open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you. \nFinancial Losses : The continuing erroneous bankruptcy information, coupled with XXXX failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, XXXX lack of action is a proximate cause of the direct financial harm you are experiencing. \nPenalties and Legal Liabilities : If XXXX or its vendors are found to have violated privacy laws or misused your data, they XXXX be subject to financial penalties and XXXX be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by XXXXmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. XXXX is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and XXXX must be held accountable for its actions and inaction in this matter. \n\n1. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq. \nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like XXXX. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes. \n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires XXXX to maintain reasonable procedures to ensure the accuracy of the information it reports. If XXXX fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies. \n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires XXXX to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability. \n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If XXXX 's vendors acted negligently or willfully misreported data, they ( and XXXX ) could face legal consequences under this section. \n2. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of 1974 governs the collection, maintenance, and dissemination of personal data by federal agencies. Although XXXX is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If XXXX and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination. \n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like XXXX. \nXXXX. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the UCC, data ( tangible and intangible property ) is protected as part of the Secured Party 's property.\n\nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If XXXX or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law. \nXXXX. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes. \n18 U.S.C. 1028 - Identity Theft : If XXXX reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law. \n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If XXXX mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft. \nXXXX. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by XXXX. \nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities.\n\nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, XXXX could be liable for these types of privacy violations. \n7. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq.\n\nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as XXXX and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by XXXX or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft. \n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from XXXX mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA.\n\n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like XXXX, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference. \nTortious Interference with Contractual Relations : If XXXX false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you may claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims XXXX and its vendors XXXX also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity. \nXXXX Claims : If XXXX or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, XXXX actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if XXXX or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws. \nBy invoking these laws, you can hold XXXX and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:46.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10906292","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"LEXISNEXIS","date_received":"2024-11-24T07:41:43.000Z","state":"MI","company_public_response":null,"sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["<em>Unauthorized</em> use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- <em>Interception</em> and Disclosure of Communications : This law prohibits the <em>interception</em> and <em>unauthorized</em> disclosure of private communications."]},"sort":[8.069268,"10906292"]},{"_index":"complaint-public-v1","_id":"10741046","_score":7.6291323,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XXXX XXXX Equifax XXXX XXXX XXXX XXXX XXXX XXXX XXXX for XXXX XXXX IVE submitted updated drivers license my minor children, DOJ FBI VNS FTC REPORTS CFPB XXXX XXXX ORDERED DOCUMENTS FROM THE JUDGE STAMPED AND SEALED AMENDED BIRTH CERTIFICATE IM BEING RETAILITATED AGAINST DUE TO MY DL SSN NAME ALL CHANGED. My kids and. Sufffered medical malpractice due to misuse of our XXXX TAX FRAUD IVE ATTACHED EVERYTHING DUE TO DEVICES MAILED COMPRMOSED BEFORE I GET THEM IT APPEARS IM THE CRIMINAL THEY REFUSE TO REMOVE THE FRAUD NEGATIVE INFO ON MY REPORT. \nIn recent years, my family and I have been victims of numerous data breaches, fraudulent activities, and ongoing issues with medical, financial, and personal information. We were notified of a medical data breach through XXXX, impacting me and my XXXX children. Since then, I have received no settlement payments from major breaches, including XXXX XXXX, XXXX, Equifax, or Bank XXXX XXXX. Additionally, neither my children nor I have received any victims compensation from the Department of Justice, despite proof of victimization, which I have attached. \nIn XXXX, due to issues with our XXXX, our XXXX numbers were changed in an emergency by the South Carolina XXXX XXXX XXXX. The inspector assigned to the case was XXXX XXXX. After this change, I was accused of XXXX fraud. Initially, officials claimed it was a systematic error but later reversed their stance, suggesting I committed fraud, which I categorically deny. Despite my honesty and record-keeping, this accusation was sent to addresses where suspects, such as my mother XXXX XXXX XXXX XXXX XXXX XXXX ) and my sister, reside. This systematic error negatively impacted my financial situation and my familys stability. The address XXXX XXXX XXXX in XXXX, SC, has been linked to XXXX and other records with fraudulent updates, despite never being associated with me personally. \n\nFurther, in XXXX of this year, unauthorized access to my and my childrens medical and financial records was documented, with information accessed monthly. I have had to repeatedly request the removal of a middle initial mistakenly added to my name on South Carolina XXXX XXXX. Despite assurances each time that it would be corrected, the issue persists. This is compounded by issues with phone numbers linked to breached accounts from XXXX, such as XXXX, XXXX, and XXXX. These breaches and unauthorized uses of my personal information have been verified through phone provider records. \n\nNotably, the Department XXXX XXXX XXXX ( XXXX ) appears connected to some discrepancies. For example, while my XXXX benefits and associated records display my updated legal name, my benefits recertification information was suddenly switched back to my old name without explanation. Despite showing evidence of these discrepancies to officials, my benefit records have been manipulated to misrepresent my identity and financial standing. \n\nSimilarly, changes in records have affected my insurance and federal records. Unauthorized individuals manipulated my XXXX account and benefits, compromising my IP address, email authentication, and even my insurance with XXXX XXXX. Recently, fraudulent XXXX charges appeared on my insurance on XX/XX/XXXX, despite my lack of involvement. \n\nAdditional fraud has involved relatives. For instance, my sons father recently won a settlement of {$190000.00} in XX/XX/XXXX in XXXX, yet child support adjustments have been erratic, likely due to changes in XXXX and health information. XXXX XXXX noted my mothers involvement in our records, despite my request to remove her due to misuse of my information. \n\nIn XXXX, I observed unusual financial XXXX among relatives who were previously in debt but suddenly gained perfect credit. I suspected fraud, involving a XXXX associate and manipulation of XXXX records, which at XXXX point falsely listed me as the owner of a hotel with foreign employees. My former business, XXXX XXXX XXXX, was taken from me after presenting a multi-million-dollar entertainment concept to XXXX XXXX. Following this meeting, my devices were compromised, stolen, and accessed without authorization, severely impacting my career. \n\nMy current employer, XXXX XXXX XXXX, has also mishandled my compensation and benefits. After suffering a XXXX in XX/XX/XXXX, I qualified for medical leave but have yet to receive payment. Similarly, after my emergency hysterectomy in XXXX, I did not receive my full XXXX pay. In XXXX, I was shorted XXXX hours. Equipment issues were frequent, and the company appeared to hinder my ability to work by sending defective towers and assigning me to classes with inadequate resources. At XXXX point, a neighbor brought a box of equipment that XXXX confirmed had been sent to the wrong address by XXXX, compromising my security. Despite following all protocol and returning faulty equipment, the company claimed they had not received it, affecting my employment eligibility. \n\nEarlier this year, I faced issues with Concentrixs recruiter, who falsely claimed I needed a drug test, which I passed. Despite my repeated attempts to follow up, I never received responses or job confirmation. Meanwhile, XXXX unlawfully reported incorrect wages to the Social Security XXXX, resulting in a decrease in my sons XXXX benefits. Furthermore, the XXXX has provided inconsistent information about these reports, adding to our ongoing hardship. \n\nMy and my childrens medical records have also been tampered with. For example, despite having XXXX XXXX XXXX listed in my XXXX XXXX records, my primary care provider has said otherwise, leading to medical misdiagnoses. Billing inconsistencies, such as the erroneous {$80000.00} charges to XXXX for services I never received, illustrate these fraudulent practices. When I reported these discrepancies, the primary care provider unjustly dismissed me from her practice. \n\nOn several occasions, our personal records and belongings have been stolen from our home. Mail theft, unauthorized entries, and missing personal documents are regular occurrences. Recently, when XXXX requested my high school diploma, I discovered it had been stolen, along with my childrens report cards and certifications. \n\nWith evidence of multiple orchestrated financial crimes and unauthorized access to our personal, financial, and medical records by various individuals and organizations, I am seeking immediate action. This includes : XXXX. Changes to my and my childrens names. \nXXXX. Sealing of our medical record numbers, clinical records, and account histories to prevent further misuse. \nXXXX. Investigation into companies involved, including XXXX, XXXX, and other associated agencies. \n\nThese actions, constituting fraud, identity theft, unauthorized access, XXXX violations, discrimination, and retaliation, have created an unsafe environment for my family and inflicted significant financial, emotional, and physical distress. I request that immediate steps be taken to secure our information and hold responsible parties accountable. \nOver the past year, I have experienced an orchestrated pattern of financial, employment, and medical mismanagement by various organizations and individuals. The cumulative effects of these incidents have led to severe personal, medical, and financial hardship for my family and me. I implore you to address these issues with the utmost urgency, as they have impacted my health, my childrens well-being, and our financial stability. \nPersonal Background and Employment Issues with XXXX XXXX XXXX I am a single mother of XXXX children, and until recently, I was employed with XXXX XXXX XXXX. I experienced multiple incidents of payroll inconsistencies, mismanagement, and unaddressed medical leave issues due to my XXXX in XX/XX/XXXX and a prior emergency hysterectomy in XX/XX/XXXX. Despite being eligible for medical leave under federal law, I encountered severe delays and missing paychecks, including errors in my XXXX and XX/XX/XXXX payroll. XXXX withheld portions of my income during these times, creating significant financial strain. Despite my best efforts to resolve these issues internally, I was encouraged by my supervisor, XXXX XXXX, to file for unemployment, which led to additional complications. \n\nOn top of that, I faced unusual and unethical recruitment practices in XX/XX/XXXX, when I was asked to take a drug screening for a new assignment that was, according to XXXX, urgent. During this process, I encountered irregularities, including late-night calls from the recruiter, delays, and unreturned messages. Although I passed the test, the recruiter stopped responding after confirming the validity of my prescription medications. I was left without employment, and my attempts to reach XXXX or XXXX XXXX about this recruiter were met with dismissal. This left me stranded financially and emotionally, as I felt I was being set up to fail without any recourse. \n\nMoreover, I discovered frequent alterations to my tax withholding information within the XXXX system between XXXX and XX/XX/XXXX. Despite repeatedly adjusting my XXXX to reflect my head-of-household status with XXXX dependents, it was changed back to XXXX allowances without my consent. I provided proof to XXXX, but this continued unchecked. \n\nMedical and XXXX XXXX XXXX I have a complex medical history, including childhood XXXX XXXX and XXXX concerns, which have been mishandled and misdiagnosed by both XXXX XXXX XXXX XXXX and XXXX XXXX. Following my XXXX, which was initially recorded as a mild XXXX ( TIA ), my medical records were altered to indicate a diagnosis of hemiplegic migrainesa condition my son, not I, suffers from. This falsification has led to additional complications in my treatment and care, as my true medical needs have not been addressed. \n\nMy children and I have also faced issues with XXXX and XXXX. There are records falsely listing XXXX as XXXX, and despite requesting corrections, the errors persist. Our medical charts contain inaccurate information, including previous diagnoses, and unauthorized changes to my name and other details have resurfaced despite multiple updates. The confusion around these records has not only impacted our ability to receive proper medical care but has caused my sons XXXX benefits to decrease based on false wage reporting by XXXX. The inaccuracies in our medical histories have left us without essential treatments and correct medical advice, placing our health in jeopardy. \n\nMail Theft, Identity Theft, and XXXX XXXX I have experienced repeated mail theft, including the unauthorized removal of important documents such as my high school diploma, my childrens report cards, and various personal identification papers. On XXXX occasion, my home was left open, and my childs football game folder, which contained sensitive identification documents, was disturbed. These repeated invasions have left my family feeling vulnerable and unsafe. \n\nIn addition, I have encountered false tax documents and compromised IRS returns. XXXX forms showing electronic signatures have appeared without my knowledge, and previous years returns were tampered with, creating suspicion that I completed forms I did not. Concerningly, Ive noticed unusual discrepancies involving the Federal Reserve, where records tied to my settlements and victims compensation have been altered, preventing those funds from reaching me. Compounding this, my tax information has been altered to show false wages that caused financial setbacks, such as my sons XXXX reduction. \n\nOn multiple occasions, I have observed unauthorized changes to our benefits, accounts, and medical information from unidentified foreign sources in the XXXX, XXXX, and XXXX. Ive seen indicators suggesting that my documents are being manipulated and sold, including when XXXX documentation unexpectedly appeared on my personal devices. The situation has escalated to XXXX XXXX that my familys personal and financial records are being remotely accessed and modified, creating continual disruption to our financial and medical security. \n\nUrgent Request for Action These interconnected actions have violated numerous federal laws, including : XXXX Violations : Unauthorized access and alteration of medical records, resulting in misdiagnoses and incorrect medical treatment. \nXXXX XXXX Violations : Wrongful termination and mishandling of medical leave rights and pay by XXXX. \nSocial Security XXXX Violations : False reporting of wages to the XXXX, leading to wrongful reductions in XXXX benefits. \nIdentity Theft and XXXX XXXX : Manipulation of personal information, tax records, and financial data, impacting access to settlements and benefits. \nVictims Rights Violations : Withholding of victims compensation and child support deposits, likely due to altered banking records. \n\nThe cumulative impact of these issues is more than financial ; it has placed my familys health, well-being, and sense of security at grave risk. I request immediate intervention to investigate these ongoing issues, enforce accountability among involved parties, and ensure that our recordsmedical, employment, and financialare corrected and secured. \n\nThank you for your attention to this matter. I am prepared to provide any additional documentation needed and am hopeful that with your assistance, my family and I can regain control over our health, financial stability, and personal security. \n\nI am urgently reaching out to address suspected fraud and identity misuse affecting my account and linked records, with the goal of correcting these errors and ensuring the privacy and safety of my familys energy services. This situation has caused significant concern for our household security, and I request your immediate assistance in investigating and removing fraudulent data associated with my account. \n\nSuspected Fraudulent Activity and Urgent Concerns There are multiple emails, addresses, and phone numbers that I have discovered associated with my XXXX XXXX account and records, which I did not authorize. The following emails in XXXX and XXXX fraudulent. I am asking for them to be immediately deleted from any association with my XXXX XXXX account or records. \n\nOn XX/XX/XXXX, I requested that the account for meter XXXX XXXX XXXX, XXXX, SC reflect my updated information, including my new name, Social Security number, and drivers license number. However, my records do not show this update, and neither do they list other addresses I have lived at under my old name. These addresses include : XXXX XXXX XXXX, XXXX XXXX, XXXX, SC XXXX XXXX XXXX XXXX XXXX, SC XXXX Lakecrest Apartments in XXXX, SC XXXX XXXX XXXX in Taylors, SC XXXX XXXX XXXX XXXX, XXXX XXXX?, XXXX, SC XXXX XXXX XXXX XXXX, XXXX XXXX, XXXX, SC XXXX This discrepancy is a serious issue, as it leaves my new identity information unlinked, while fraudulently assigned addresses remain on record. I request either the removal of XXXX XXXX XXXX from my account or the addition of my legitimate, previous addresses under my old identity. Currently, my consumer report lists a fraudulent address that was never mine and that I believe was being used by others while I maintained my own separate residence. \n\nFraudulent Use of My Identity and That of My Children Between XX/XX/XXXX and now, there have been individuals who have repeatedly used my name and my minor childrens names to obtain services and hide behind our identities. Specifically, XXXX XXXX XXXX, XXXX, SC XXXX appears fraudulently in my records as an address someone else used to access my information and receive my drivers license. \n\nThose I believe responsible for using my identity fraudulently include : XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX ) XXXX XXXX XXXX XXXX and XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX These individuals have misused my identity and that of my minor children, XXXX XXXX XXXX and XXXX XXXX XXXX, in various financial schemes, manipulating records and identities linked to XXXX XXXX. It is essential that no accounts, direct deposits, or service addresses associated with these names, or variations like XXXX XXXX or XXXX XXXX, be linked to my XXXX XXXX account. \n\nXXXX XXXX and Billing Concerns It has come to my attention that fraudulent deposits marked as child support are being associated with my XXXX XXXX account. I also see discrepancies in my billing statements, with statements showing XXXX, OH as the merchant location, while my receipts indicate XXXX, NC. This inconsistency raises serious concerns about the integrity of these charges and possible unauthorized use. \n\nFurthermore, I have noted unusually high energy bills when our lights are on, which directly affects my familys health, as we experience symptoms of sickness when lights are used for extended periods. This unusual billing and possible connection with external deposits must be investigated, as it suggests potential fraudulent activity that could jeopardize our energy security. \n\nRequest for XXXX XXXX I am asking XXXX XXXX to take immediate steps to : XXXX. Remove fraudulent emails ( XXXX and XXXX ) and phone numbers associated with my account. \nXXXX. Correct my address history by either removing XXXX XXXX XXXX or adding legitimate past addresses under my old identity. \nXXXX. Investigate and remove unauthorized accounts or deposits connected to names used fraudulently, including aliases associated with my childrens names. \nXXXX. Examine discrepancies in billing statements and merchant location data, as these XXXX indicate unauthorized activity affecting my account. \n\nMy family depends on XXXX XXXX secure and reliable service, and any errors or fraud in our records directly impact our daily lives and well-being. I trust that XXXX XXXX will investigate and resolve these issues quickly to ensure the integrity of our account and the safety of our home. \nI am detailing the complex misuse of my identity and records by family members, which has led to financial and legal confusion. \n\nXXXX. Address and XXXX Records : Although my sister does not use my address with XXXX, XXXX with the Department of XXXX and XXXX XXXX XXXX XXXX ) XXXX her under my address. This has led to a mix-up, as the court records show payments from XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX the determination of who is responsible for certain obligations. \nXXXX. Medical Record Number ( XXXX ) Discrepancies : At the hospital, I am listed under XXXX separate MRNsone for XXXX XXXX and another for XXXX XXXX XXXX. My sons XXXX was also changed without my consent. These discrepancies suggest attempts to use our medical records to forge identities or claim benefits fraudulently. \nXXXX. IRS Form XXXX Corrections : In XX/XX/XXXX, I received XXXX corrected IRS Forms XXXX, despite no legitimate reason for such changes. This suggests manipulation of our records, possibly to alter tax or insurance status. \nXXXX. Tax Filing Irregularities : I filed with XXXX XXXX XXXX XXXX XXXX and expected a refund of {$6200.00} ; however, I only received {$5100.00}. I believe my sons father manipulated tax information, possibly claiming benefits as the head of household. Despite records showing my daughter is the head of household, corrections continue to misclassify this status. \nXXXX. XXXX XXXX and XXXX Discrepancies : My sons financial deposit history begins with XXXX, identical to numbers found in XXXX records for liens and judgments related to me as a victim. Previous checks issued to me as restitution for victimization are now missing, and XXXX Carolinas Disbursement Unit ( SC SDU ) is not recording deposits to my account ( XXXX ), though some deposits appear in FHE format ( indicating possible child support or benefits for family household expenses ). \n\nThe extensive misuse of my personal information, medical and tax records, and financial deposits has caused both personal and financial harm. I am seeking thorough investigation and corrective action. \nI am filing this complaint to report extensive fraud involving forged medical and financial records linked to my family. Specifically, my sons XXXX, XXXX XXXX XXXX, and other family members have allegedly altered my childrens medical records at XXXX XXXX and XXXX XXXX under my former name, XXXX XXXX. Theyve manipulated record numbers and listed incorrect dates of service, even though XXXX XXXX lived in XXXX since XXXX. Furthermore, I have evidence showing XXXX distinct medical record numbers for XXXX XXXX and XXXX XXXX XXXX. \nXXXX recently won a {$200000.00} lawsuit at XXXX XXXX. Additionally, when he falsely accused me of criminal domestic XXXX ( XXXX ), the public index records show my name twice instead of his, further indicating fraudulent misuse of my identity. I have also found evidence that XXXX signed as my sons birth parent, using fraudulent documents to access benefits and funds without my consent. \nI also uncovered misuse of XXXX benefits in our medical records, falsely indicating absent parent support. In the Child Support Portal, over {$1000.00} in payments meant for my son has been held by the South Carolina State Disbursement Unit without explanation. Additionally, it appears my tax returns were forged and intercepted, with {$5100.00} issued on a fraudulent check from XXXX & XXXX XXXX XXXX instead of the original {$6200.00} owed. \nI have evidence suggesting a XXXX XXXX account was linked to my Treasury XXXX account under my new identity without my authorization. Despite removing certain addresses, XXXX and XXXX XXXX XXXX records show XXXX continued to use my address. The ongoing manipulation of my records has been substantiated by documents, and my XXXX data was also accessed without permission. I am seeking corrective action and an investigation into these fraudulent activities, which have left me financially compromised. \n\n\nSubject : Urgent Report of Financial and Privacy Violations, Medical Record Manipulation, and Fraudulent Activity To Whom It XXXX Concern, I am writing to urgently bring to your attention a series of serious violations and fraudulent activities that have caused significant financial hardship, emotional distress, and breaches of privacy for both myself and my children. We have become victims of what appears to be a carefully orchestrated scheme involving unauthorized access to medical records, misuse of personal information, and the misallocation of benefits. The following outlines in detail the specific violations, the individuals involved, and the detrimental impact this has had on our lives. \n\nXXXX. XXXX XXXX XXXX and Misdiagnosis My sons medical records at XXXX XXXX reveal troubling discrepancies, particularly an instance where his father, XXXX XXXX XXXX, signed as the patient for a visit. He did not sign as the legal guardian or authorized representativehe signed as if he were my son, which is neither accurate nor authorized. Additionally, my sons medical record number for this visit does not match the number assigned to him at birth. This inconsistency raises serious concerns about tampering and unauthorized access to our medical records. \n\nFurther, I suffered a XXXX in XX/XX/XXXX. However, records at XXXX XXXX XXXX ( connected to XXXX XXXX and XXXX XXXX ) indicate my son was admitted for hemiplegic migraines on the exact dates of my hospitalization, suggesting either gross error or intentional misrepresentation. This not only complicates my own diagnosis but has led to an inappropriate medical history being attached to my son. \n\nXXXX. Financial Hardship and Incorrect XXXX Benefit Allocation Recently, the Social Security XXXX reduced my sons XXXX benefits, citing funds he supposedly received from his father, who has not made any child support payments for over XXXX months. Despite my providing evidence of this nonpayment, the XXXX has continued to decrease his benefits. This financial burden has caused me great hardship and confusion, especially as my sons fathers unpaid child support was supposed to be offset against my tax refund, which was delayed for XXXX months and ultimately arrived short by over {$2000.00}. \n\nAdditionally, the Department XXXX XXXX XXXX ( XXXX ) has been deducting child support for XXXX, yet only for my son, XXXX, and not my other child. XXXX claimed no offset was done, which conflicts with earlier communications. It has also come to my attention that my insurance through XXXX XXXX XXXX XXXX XXXX, XXXX assurances from XXXX administrators XXXX I owe no TANF obligations. This misrepresentation of benefits further amplifies my financial distress. \n\nXXXX. XXXX XXXX and XXXX XXXX Evidence suggests that someone XXXX have gained unauthorized access to my online records and accounts. My IP address has shown unusual access points from XXXX, where my sons father resides. In XXXX, someone using a XXXX device accessed my XXXX account without my authorization, specifically connected to XXXX XXXX. I have explained these issues to the Department of Treasury and the Department of XXXX, but the concerns persist. \n\nAdditionally, a detective revealed that my sister had used my address with the Department XXXX XXXX and XXXX XXXX, although her name does not appear in the XXXX system. Her use of my address for state services could be contributing to the financial and identity confusion affecting us. This misuse of my address and personal information by family members, combined with unauthorized access to my accounts, suggests a significant compromise of my personal privacy and civil rights. \n\nXXXX. Forgery, Misrepresentation, and Potential Financial Gain On XX/XX/XXXX, my sister reportedly forged my signature, making it appear that my son was in the hospital at the same time I was. This forged record enabled further manipulation of our medical history and potentially allowed for financial claims I did not authorize. In addition, school records have inexplicably reversed the roles between myself and my daughter, listing me as the student and her as the parent, which further indicates identity tampering and misrepresentation. \n\nSubjects Involved and Methods Used XXXX XXXX XXXX : Used my sons medical information, signing as the patient at XXXX XXXX without authorization. The motives appear to be tied to manipulating medical records and possibly accessing benefits fraudulently. \nMy Sister : Forged my signature, used my address with the Department XXXX XXXX XXXX and XXXX, and XXXX have contributed to the ongoing misrepresentation issues with the XXXX and state agencies. \nDepartment XXXX XXXX XXXX ( XXXX ) : Deducted child support for XXXX but failed to apply it correctly, resulting in unexplained benefit misallocations and tax offset confusion. \n\nThese actions have collectively created a web of complications that leave XXXX vulnerable, financially strained, and emotionally distressed. Our rights to privacy, fair treatment, and accurate benefits allocation have been compromised. The effects of these ongoing issues are profound and have disrupted every aspect of our lives, leading to financial instability and unwarranted emotional trauma. \n\nRequest for Urgent Intervention I urge your office to investigate the following : Unauthorized Medical Record Access and Forgery : Violations under XXXX due to unauthorized changes and access to medical records. \nSocial Security XXXX : Manipulation of XXXX benefits and associated financial documents, resulting in incorrect benefit allocation. \nXXXX XXXX : Potential manipulation of child support payments, XXXX misallocation, and missing tax offsets. \nIdentity Theft and Impersonation : Fraudulent use of my address and unauthorized access to my records, resulting in compromised privacy and civil rights violations. \nWe have become victims treated as criminals, facing unwarranted scrutiny and reduction in necessary benefits. I respectfully ask for an in-depth investigation to provide relief, clarity, and accountability for those responsible. Thank you for your attention to this matter, and I look forward to your prompt response.","date_sent_to_company":"2024-11-09T19:30:12.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"296XX","tags":"Servicemember","has_narrative":true,"complaint_id":"10741046","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2024-11-09T18:41:16.000Z","state":"SC","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["Request for Urgent Intervention I urge your office to investigate the following : <em>Unauthorized</em> Medical Record <em>Access</em> and Forgery : Violations under XXXX due to <em>unauthorized</em> changes and <em>access</em> to medical records. \nSocial Security XXXX : Manipulation of XXXX benefits and associated financial documents, resulting in incorrect benefit allocation. \nXXXX XXXX : Potential manipulation of child support payments, XXXX misallocation, and missing tax offsets."]},"sort":[7.6291323,"10741046"]},{"_index":"complaint-public-v1","_id":"16453537","_score":7.0662494,"_source":{"product":"Debt collection","complaint_what_happened":"XX/XX/XXXX Leadership : General Counsel XXXX XXXX Second Complaint to no avail from XXXX XXXX XXXX Department and Executive Leadership Team I am filing a second complaint based on XXXX XXXX 's egregious statements made to the credit reporting agencies. a second complaint against XXXX XXXX for furnishing inaccurate and defamatory information to credit reporting agencies. Despite numerous requests, XXXX XXXX has failed to provide any documentation proving I am responsible for the alleged debt. Their only response has been that their investigation concluded the debt belongs to me. \n\nThis is unequivocally false. During the period this account was opened and used, I was XXXX  due to a severe injury sustained when a XXXX XXXX XXXX XXXX, resulting in a XXXX XXXX XXXX XXXX  and a XXXX XXXX XXXX. Therefore, I could not have opened, charged, or authorized this account. \n\nFurthermore, this debt was removed from my credit report twice, only to be reinserted by XXXX XXXX. My credit file was then updated, indicating that additional details were received, and it was concluded that the account belongs to me. XXXX XXXX 's response stating the file would show \" disputed '' is insufficient, as the debt is not mine. \n\nExperian subsequently sent a deeply hurtful and embarrassing letter, accusing me that, based on information from XXXX XXXX, I misrepresented facts, leading them to lock my credit file. The letter even accused me of obtaining goods and services under pretenses, which is entirely untrue. \n\nI have contacted XXXX XXXX 's XXXX XXXX and XXXX department, offering to sign a release for my medical records, including video footage that substantiates my incapacitation. Instead of seeking further details, they have subtly implied my statements are inconsistent. \n\nI have attached emails sent to XXXX XXXX 's legal team requesting a draft of a release to review my medical files, which will exonerate me and clear my name. I urge you to investigate this matter thoroughly and ensure my credit report is corrected. Additionally, look into my repeated request to review any files XXXX  XXXX XXXX accused me of being dishonest and refuse to provide me access to but apparently has either made statements or provided the XXXX credit reporting agencies something to make them conclude outside of the records I provided which was the police report, the FTC fraud affidavit, and pictures which are limited medical information why I was incapacitated during the alleged time the account was opened and charges made even a cash advance. I am a victim of a sophisticated identity theft using VPN and proxy number and XXXX XXXX XXXX \n\nXXXX. In account takeover fraud, criminals use a Virtual Private Network ( VPN ) or proxy server to make it appear as if they are accessing an account from the victim 's legitimate geographical location. This technique helps them bypass fraud detection systems that flag unusual login activity, such as a user suddenly accessing their account from a different country. \nXXXX. Location spoofing After obtaining the credentials, the fraudster uses a VPN or proxy service to mask their actual IP address. \nThese services route the fraudster 's internet traffic through a remote server. The victim 's bank or e-commerce site will then only see the IP address of the VPN or proxy server, making it appear that the login is coming from that server 's geographic location. \n\nMimicking the victim : By choosing a VPN or proxy server located near the victim 's addressthe location where the account originated or is typically accessedthe criminal can fool a key security check. \n\nAdversary-in-the-Middle '' ( AitM ) phishing : Attackers set up a proxy web server that acts as an invisible layer between the victim and the legitimate website. \nRelaying credentials : When the victim enters their username, password, and the one-time passcode ( OTP ) on the fake site, the proxy server instantly relays the information to the real website. \nSession hijacking : Once the legitimate service validates the authentication and issues a session cookie, the fraudster 's proxy server intercepts and steals it. This allows the fraudster to access the victim 's account without needing the XXXX againProxy detection : Many fraud detection systems include technology to identify and flag IP addresses known to be associated with proxies and VPNs. \nIP intelligence : Analyzing an IP address can reveal not just its general location but also if it's high-risk or tied to botnets, helping to build better fraud detection algorithms. \nBehavioral biometrics : This method focuses on user behavior patterns rather than just XXXX addresses. It can detect anomalies like unusual typing speed, mouse movements, or navigation patterns, which can signal that the user is a bot or a fraudster. \nStronger XXXX : Using XXXX methods that are more resilient to AitM attacks, such as hardware security keys, can provide greater protection than traditional SMS or email-based OTPs. \nA XX/XX/XXXX class-action lawsuit alleges that XXXX XXXX improperly denied fraud claims based on faulty fraud-detection technology. The suit claims the bank relied on flawed data searches to \" mechanically '' reject fraud claims, failing to conduct reasonable investigations as required by federal law. \n\nDetails of the class-action lawsuit The plaintiff 's case : The suit was filed in the XXXX XXXX XXXX for XXXX Northern District XXXX California XXXX XXXX woman who reported {$1500.00} in unauthorized charges after her wallet was stolen. XXXX XXXX denied her claim with a form letter and no explanation, closing her checking account shortly after. \nAllegation of flawed technology : According to the complaint, XXXX XXXX 's fraud-detection process is a \" black-box '' system that wrongfully blames the consumer, ignoring the bank 's own legal obligation to prove a transaction was authorized. \nViolation of federal law : The lawsuit claims XXXX  XXXX violated the Electronic Funds Transfer Act ( EFTA ), which requires banks to conduct a proper investigation into unauthorized transactions. The EFTA places the burden of proof on the bank, not the customer, and requires the bank to provide documentation of its investigation. \nXXXX XXXX has been the subject of numerous FCRA complaints filed with the Consumer Financial Protection Bureau ( CFPB ) and various lawsuits over the years. The most frequent violations include : XXXX. Failure to Properly Investigate Disputes XXXX of the most prevalent complaints involves XXXX  XXXX failing to conduct reasonable investigations as required by the FCRA when consumers dispute information. Instead of thoroughly examining evidence provided by consumers, XXXX  XXXX often : Conducts cursory, surface-level reviews Simply verifies that reported information matches their internal records ( without investigating whether those records are accurate ) Uses automated systems rather than human investigators for complex disputes A proper FCRA dispute investigation requires more than just checking internal databases. The law demands that furnishers like XXXX XXXX conduct a reasonable investigation that examines all relevant evidence. \n\nXXXX. Continued Reporting of Disputed Information Without Verification The FCRA requires that if information can not be verified as accurate following a dispute, it must be corrected or deleted. However, XXXX XXXX has been known to : Continue reporting disputed information even after failing to fully verify its accuracy Re-report previously deleted information without new evidence of accuracy Fail to mark accounts as disputed by consumer while investigations are pending XXXX. Inadequate Responses to Dispute Investigations Many consumers report receiving vague, form-letter responses from XXXX  XXXX that : Lack specific details about what was investigated Fail to address the particular points raised in their dispute Provide no explanation for why the information was deemed accurate Omit copies of any documents relied upon during the investigation XXXX. Failure to Correct Information Across All Credit Bureaus When XXXX XXXX does correct erroneous information, they sometimes fail to notify all three major credit bureaus ( Experian, XXXX, and XXXX  ) of the correction, leaving inaccurate information on some of your credit reports. \n\nXXXX XXXX Policies on Credit Reporting Understanding XXXX XXXX approach to credit reporting can help you navigate potential FCRA issues : Dispute Procedures XXXX XXXX published dispute procedures include : An online portal for submission of disputes Stated investigation timeframe of up to 30 days ( the maximum allowed by the FCRA ) Options to add consumer statements to credit files Limited direct communication during the investigation process Unfortunately, this online dispute process often leads to superficial investigations. XXXX  XXXX representatives handling online disputes typically have limited training in credit reporting laws and may simply match information against internal records rather than conducting genuine investigations. Even though XXXX XXXX wants you to dispute online, you are not limited to and should not use online dispute tools. Disputes made to the credit bureaus are routed to XXXX XXXX and give them fewer reasons to reject disputes. \n\nInternal Systems and Challenges XXXX XXXX credit reporting system faces several structural challenges : Heavy reliance on automated reporting systems with limited human oversight Departmental disconnects between fraud investigation teams and credit reporting teams Limited documentation systems for tracking dispute history Insufficient staff dedicated to dispute resolution compared to their massive customer base These systemic issues often result in a pattern of FCRA violations that can significantly impact consumers. XXXX XXXX conclusion subliminally says, There is no need for any further investigation because we did one and BELIEVE the account belongs to you, AND we are not releasing anything other than this letter from our database showing you lived at the address and the phone number, email address, and bank account belong to you. \n\nUnder duress and to clear my name, I have offered my private medical records to clear my name for once and for all. I am struggling financially and can not work within my field, and am facing homelessness because of XXXX XXXX 's bullying tactics. This is not my account, and I am being victimized all over again by XXXX XXXX 's false reporting and the credit reporting agencies ' reporting derogatory information based on verification obtained electronically. Based on recent reports regarding XXXX XXXX, what makes their credibility more credible than mine? I am being bullied at this point. \nRespectfully submitted XXXX XXXX","date_sent_to_company":"2025-10-08T14:13:30.000Z","issue":"Attempts to collect debt not owed","sub_product":"Credit card debt","zip_code":"30058","tags":null,"has_narrative":true,"complaint_id":"16453537","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2025-10-08T13:50:56.000Z","state":"GA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Debt is not yours"},"highlight":{"complaint_what_happened":["Session hijacking : Once the legitimate service validates the authentication and issues a session cookie, the fraudster 's proxy server <em>intercepts</em> and steals it. This allows the fraudster to <em>access</em> the victim 's account without needing the XXXX againProxy detection : Many fraud detection systems include technology to identify and flag IP addresses known to be associated with proxies and VPNs."]},"sort":[7.0662494,"16453537"]},{"_index":"complaint-public-v1","_id":"16452180","_score":7.0188255,"_source":{"product":"Debt collection","complaint_what_happened":"XX/XX/XXXX Leadership : General Counsel XXXX XXXX Second Complaint to no avail from Capital One Legal Department and Executive Leadership Team I am filing a second complaint based on Capital One 's egregious statements made to the credit reporting agencies. a second complaint against Capital One for furnishing inaccurate and defamatory information to credit reporting agencies. Despite numerous requests, Capital One has failed to provide any documentation proving I am responsible for the alleged debt. Their only response has been that their investigation concluded the debt belongs to me. \n\nThis is unequivocally false. During the period this account was opened and used, I was XXXX  due to XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX Therefore, I could not have opened, charged, or authorized this account. \n\nFurthermore, this debt was removed from my credit report twice, only to be reinserted by Capital One. My credit file was then updated, indicating that additional details were received, and it was concluded that the account belongs to me. Capital One 's response stating the file would show \" disputed '' is insufficient, as the debt is not mine. \n\nXXXX  subsequently sent a deeply hurtful and embarrassing letter, accusing me that, based on information from Capital One, I misrepresented facts, leading them to lock my credit file. The letter even accused me of obtaining goods and services under pretenses, which is entirely untrue. \n\nI have contacted Capital One 's General Counsel and legal department, offering to sign a release for my medical records, including video footage that substantiates my incapacitation. Instead of seeking further details, they have subtly implied my statements are inconsistent. \n\nI have attached emails sent to Capital One 's legal team requesting a draft of a release to review my medical files, which will exonerate me and clear my name. I urge you to investigate this matter thoroughly and ensure my credit report is corrected. Additionally, look into my repeated request to review any files Capital One one accused me of being dishonest and refuse to provide me access to but apparently has either made statements or provided the XXXX credit reporting agencies something to make them conclude outside of the records I provided which was the police report, the FTC fraud affidavit, and pictures which are limited medical information why I was incapacitated during the alleged time the account was opened and charges made even a cash advance. I am a victim of a sophisticated identity theft using VPN and proxy number and XXXX, and XXXX. \n\nXXXX. In account takeover fraud, criminals use a Virtual Private Network ( VPN ) or proxy server to make it appear as if they are accessing an account from the victim 's legitimate geographical location. This technique helps them bypass fraud detection systems that flag unusual login activity, such as a user suddenly accessing their account from a different country. \nXXXX. Location spoofing After obtaining the credentials, the fraudster uses a VPN or proxy service to mask their actual IP address. \nThese services route the fraudster 's internet traffic through a remote server. The victim 's bank or e-commerce site will then only see the IP address of the VPN or proxy server, making it appear that the login is coming from that server 's geographic location. \n\nMimicking the victim : By choosing a VPN or proxy server located near the victim 's addressthe location where the account originated or is typically accessedthe criminal can fool a key security check. \n\nAdversary-in-the-Middle '' ( AitM ) phishing : Attackers set up a proxy web server that acts as an invisible layer between the victim and the legitimate website. \nRelaying credentials : When the victim enters their username, password, and the one-time passcode ( OTP ) on the fake site, the proxy server instantly relays the information to the real website. \nSession hijacking : Once the legitimate service validates the authentication and issues a session cookie, the fraudster 's proxy server intercepts and steals it. This allows the fraudster to access the victim 's account without needing the OTP againProxy detection : Many fraud detection systems include technology to identify and flag IP addresses known to be associated with proxies and VPNs. \nIP intelligence : Analyzing an IP address can reveal not just its general location but also if it's high-risk or tied to botnets, helping to build better fraud detection algorithms. \nBehavioral biometrics : This method focuses on user behavior patterns rather than just IP addresses. It can detect anomalies like unusual typing speed, mouse movements, or navigation patterns, which can signal that the user is a bot or a fraudster. \nStronger XXXX : Using XXXX methods that are more resilient to AitM attacks, such as hardware security keys, can provide greater protection than traditional XXXX  or email-based XXXX. \nA XX/XX/XXXX class-action lawsuit alleges that Capital One improperly denied fraud claims based on faulty fraud-detection technology. The suit claims the bank relied on flawed data searches to \" mechanically '' reject fraud claims, failing to conduct reasonable investigations as required by federal law. \n\nDetails of the class-action lawsuit The plaintiff 's case : The suit was filed in the U.S. District Court for the XXXX XXXX  of California by a woman who reported {$1500.00} in unauthorized charges after her wallet was stolen. Capital One denied her claim with a form letter and no explanation, closing her checking account shortly after. \nAllegation of flawed technology : According to the complaint, Capital One 's fraud-detection process is a \" black-box '' system that wrongfully blames the consumer, ignoring the bank 's own legal obligation to prove a transaction was authorized. \nViolation of federal law : The lawsuit claims Capital One violated the Electronic Funds Transfer Act ( EFTA ), which requires banks to conduct a proper investigation into unauthorized transactions. The EFTA places the burden of proof on the bank, not the customer, and requires the bank to provide documentation of its investigation. \nCapital One has been the subject of numerous FCRA complaints filed with the Consumer Financial Protection Bureau ( CFPB ) and various lawsuits over the years. The most frequent violations include : XXXX. Failure to Properly Investigate Disputes One of the most prevalent complaints involves Capital One failing to conduct reasonable investigations as required by the FCRA when consumers dispute information. Instead of thoroughly examining evidence provided by consumers, Capital One often : Conducts cursory, surface-level reviews Simply verifies that reported information matches their internal records ( without investigating whether those records are accurate ) Uses automated systems rather than human investigators for complex disputes A proper FCRA dispute investigation requires more than just checking internal databases. The law demands that furnishers like Capital One conduct a reasonable investigation that examines all relevant evidence. \n\nXXXX. Continued Reporting of Disputed Information Without Verification The FCRA requires that if information can not be verified as accurate following a dispute, it must be corrected or deleted. However, Capital One has been known to : Continue reporting disputed information even after failing to fully verify its accuracy Re-report previously deleted information without new evidence of accuracy Fail to mark accounts as disputed by consumer while investigations are pending XXXX. Inadequate Responses to Dispute Investigations Many consumers report receiving vague, form-letter responses from Capital One that : Lack specific details about what was investigated Fail to address the particular points raised in their dispute Provide no explanation for why the information was deemed accurate Omit copies of any documents relied upon during the investigation XXXX. Failure to Correct Information Across All Credit Bureaus When Capital One does correct erroneous information, they sometimes fail to notify all three major credit bureaus ( XXXX, XXXX, and XXXX ) of the correction, leaving inaccurate information on some of your credit reports. \n\nCapital Ones Policies on Credit Reporting Understanding Capital Ones approach to credit reporting can help you navigate potential FCRA issues : Dispute Procedures Capital Ones published dispute procedures include : An online portal for submission of disputes Stated investigation timeframe of up to 30 days ( the maximum allowed by the FCRA ) Options to add consumer statements to credit files Limited direct communication during the investigation process Unfortunately, this online dispute process often leads to superficial investigations. Capital One representatives handling online disputes typically have limited training in credit reporting laws and may simply match information against internal records rather than conducting genuine investigations. Even though Cap One wants you to dispute online, you are not limited to and should not use online dispute tools. Disputes made to the credit bureaus are routed to Capital One and give them fewer reasons to reject disputes.\n\nInternal Systems and Challenges Capital Ones credit reporting system faces several structural challenges : Heavy reliance on automated reporting systems with limited human oversight Departmental disconnects between fraud investigation teams and credit reporting teams Limited documentation systems for tracking dispute history Insufficient staff dedicated to dispute resolution compared to their massive customer base These systemic issues often result in a pattern of FCRA violations that can significantly impact consumers. Capital Ones conclusion subliminally says, There is no need for any further investigation because we did one and BELIEVE the account belongs to you, AND we are not releasing anything other than this letter from our database showing you lived at the address and the phone number, email address, and bank account belong to you. \n\nUnder duress and to clear my name, I have offered my private medical records to clear my name for once and for all. I am struggling financially and can not work within my field, and am facing homelessness because of Capital One 's bullying tactics. This is not my account, and I am being victimized all over again by Capital One 's false reporting and the credit reporting agencies ' reporting derogatory information based on verification obtained electronically. Based on recent reports regarding Capital One, what makes their credibility more credible than mine? I am being bullied at this point. \nRespectfully submitted XXXX XXXX","date_sent_to_company":"2025-10-08T14:13:30.000Z","issue":"Attempts to collect debt not owed","sub_product":"Credit card debt","zip_code":"30058","tags":null,"has_narrative":true,"complaint_id":"16452180","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CAPITAL ONE FINANCIAL CORPORATION","date_received":"2025-10-08T14:13:05.000Z","state":"GA","company_public_response":null,"sub_issue":"Debt is not yours"},"highlight":{"complaint_what_happened":["Session hijacking : Once the legitimate service validates the authentication and issues a session cookie, the fraudster 's proxy server <em>intercepts</em> and steals it. This allows the fraudster to <em>access</em> the victim 's account without needing the OTP againProxy detection : Many fraud detection systems include technology to identify and flag IP addresses known to be associated with proxies and VPNs."]},"sort":[7.0188255,"16452180"]},{"_index":"complaint-public-v1","_id":"7520483","_score":5.0843053,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"This company did not honor my request to opt of out the reporting of the accounts stated in the attached dispute letter per the privacy act of 1974. Other consumer reporting agencies have honored my request to remove this information. They have broken the following federal laws. \n\n15 U.S. Code 1681a - Definitions ; rules of construction ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control ; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ; ( B ) any authorization or approval of a specific extension of credit directly or indirectly by the issuer of a credit card or similar device ; ( C ) any report in which a person who has been requested by a third party to make a specific extension of credit directly or indirectly to a consumer conveys his or her decision with respect to such request, if the third party advises the consumer of the name and address of the person to whom the request was made, and such person makes the disclosures to the consumer required under section 1681m of this title ; or ( D ) a communication described in subsection ( o ) or ( x ). [ 1 ] ( 3 ) Restriction on sharing of medical information.Except for information or any communication of information disclosed as provided in section 1681b ( g ) ( 3 ) of this title, the exclusions in paragraph ( 2 ) shall not apply with respect to information disclosed to any person related by common ownership or affiliated by corporate control, if the information is ( A ) medical information ; ( B ) an individualized list or description based on the payment transactions of the consumer for medical products or services ; or ( C ) an aggregate list of identified consumers based on payment transactions for medical products or services.\n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n( 2 ) Exception This subsection shall not prevent a financial institution from providing nonpublic personal information to a nonaffiliated third party to perform services for or functions on behalf of the financial institution, including marketing of the financial institutions own products or services, or financial products or services offered pursuant to joint agreements between two or more financial institutions that comply with the requirements imposed by the regulations prescribed under section XXXX of this title, if the financial institution fully discloses the providing of such information and enters into a contractual agreement with the third party that requires the third party to maintain the confidentiality of such information. \n\n( c ) Limits on reuse of information Except as otherwise provided in this subchapter, a nonaffiliated third party that receives from a financial institution nonpublic personal information under this section shall not, directly or through an affiliate of such receiving third party, disclose such information to any other person that is a nonaffiliated third party of both the financial institution and such receiving third party, unless such disclosure would be lawful if made directly to such other person by the financial institution. \n\n( d ) Limitations on the sharing of account number information for marketing purposes A financial institution shall not disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a credit card account, deposit account, or transaction account of a consumer to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer. \n\n( e ) General exceptions Subsections ( a ) and ( b ) shall not prohibit the disclosure of nonpublic personal information ( 1 ) as necessary to effect, administer, or enforce a transaction requested or authorized by the consumer, or in connection with ( A ) servicing or processing a financial product or service requested or authorized by the consumer ; ( B ) maintaining or servicing the consumers account with the financial institution, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity ; or ( C ) a proposed or actual securitization, secondary market sale ( including sales of servicing rights ), or similar transaction related to a transaction of the consumer ; ( 2 ) with the consent or at the direction of the consumer ; ( 3 ) ( A ) to protect the confidentiality or security of the financial institutions records pertaining to the consumer, the service or product, or the transaction therein ; ( B ) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability ; ( C ) for required institutional risk control, or for resolving customer disputes or inquiries ; ( D ) to persons holding a legal or beneficial interest relating to the consumer ; or ( E ) to persons acting in a fiduciary or representative capacity on behalf of the consumer ; ( 4 ) to provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the financial institution, persons assessing the institutions compliance with industry standards, and the institutions attorneys, accountants, and auditors ; ( 5 ) to the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act of 1978 [ 12 U.S.C. 3401 et seq. ], to law enforcement agencies ( including the Bureau of Consumer Financial Protection [ 1 ] a Federal functional regulator, the Secretary of the Treasury with respect to subchapter II of chapter 53 of title 31, and chapter 2 of title I of Public Law 91508 ( 12 U.S.C. 19511959 ), a State insurance authority, or the Federal Trade Commission ), self-regulatory organizations, or for an investigation on a matter related to public safety ; ( 6 ) ( A ) to a consumer reporting agency in accordance with the Fair Credit Reporting Act [ 15 U.S.C. 1681 et seq. ], or ( B ) from a consumer report reported by a consumer reporting agency ; ( 7 ) in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal information concerns solely consumers of such business or unit; or ( 8 ) to comply with Federal, State, or local laws, rules, and other applicable legal requirements ; to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State, or local authorities ; or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law.\n\n15 U.S. Code 1681b - Permissible purposes of consumer reports ( a ) In general Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, a subpoena issued in connection with proceedings before a Federal grand jury, or a subpoena issued in accordance with section 5318 of title 31 or section 3486 of title 18.\n\n( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 1681e - Compliance procedures ( a ) Identity and purposes of credit users Every consumer reporting agency shall maintain reasonable procedures designed to avoid violations of section 1681c of this title and to limit the furnishing of consumer reports to the purposes listed under section 1681b of this title. These procedures shall require that prospective users of the information identify themselves, certify the purposes for which the information is sought, and certify that the information will be used for no other purpose. Every consumer reporting agency shall make a reasonable effort to verify the identity of a new prospective user and the uses certified by such prospective user prior to furnishing such user a consumer report. No consumer reporting agency may furnish a consumer report to any person if it has reasonable grounds for believing that the consumer report will not be used for a purpose listed in section 1681b of this title.\n\n( b ) Accuracy of report Whenever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates.\n\n5 U.S. Code 552a - Records maintained on individuals ( a ) Definitions.For purposes of this section ( 1 ) the term agency means agency as defined in section 552 ( e ) [ 1 ] of this title ; ( 2 ) the term individual means a citizen of the United States or an alien lawfully admitted for permanent residence ; ( 3 ) the term maintain includes maintain, collect, use, or disseminate ; ( 4 ) the term record means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph ; ( 5 ) the term system of records means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual ; ( 6 ) the term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable individual, except as provided by section 8 of title 13 ; ( 7 ) the term routine use means, with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected ; ( 8 ) the term matching program ( A ) means any computerized comparison of ( i ) two or more automated systems of records or a system of records with non-Federal records for the purpose of ( I ) establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or ( II ) recouping payments or delinquent debts under such Federal benefit programs, or ( ii ) two or more automated Federal personnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records, ( B ) but does not include ( i ) matches performed to produce aggregate statistical data without any personal identifiers ; ( ii ) matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals ; ( iii ) matches performed, by an agency ( or component thereof ) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons ; ( iv ) matches of tax information ( I ) pursuant to section 6103 ( d ) of the Internal Revenue Code of 1986, ( II ) for purposes of tax administration as defined in section 6103 ( b ) ( 4 ) of such Code, ( III ) for the purpose of intercepting a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches ( I ) using records predominantly relating to Federal personnel, that are performed for routine administrative purposes ( subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection ( v ) ) ; or ( II ) conducted by an agency using only records from systems of records maintained by that agency ; if the purpose of the match is not to take any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel ; ( vi ) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel ; ( vii ) matches performed incident to a levy described in section 6103 ( k ) ( 8 ) of the Internal Revenue Code of 1986 ; ( viii ) matches performed pursuant to section 202 ( x ) ( 3 ) or 1611 ( e ) ( 1 ) of the Social Security Act ( 42 U.S.C. 402 ( x ) ( 3 ), 1382 ( e ) ( 1 ) ) ; ( ix ) matches performed by the Secretary of Health and Human Services or the Inspector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, including matches of a system of records with non-Federal records ; or ( x ) matches performed pursuant to section 3 ( d ) ( 4 ) of the Achieving a Better Life Experience Act of 2014 ; 1 ( 9 ) the term recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program ; ( 10 ) the term non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program ; ( 11 ) the term source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program ; ( 12 ) the term Federal benefit program means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government, providing cash or in-kind assistance in the form of payments, grants, loans, or loan guarantees to individuals ; and ( 13 ) the term Federal personnel means officers and employees of the Government of the United States , members of the uniformed services ( including members of the Reserve Components ), individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States ( including survivor benefits ).\n\n( b ) Conditions of Disclosure.No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be ( 1 ) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties; ( 2 ) required under section 552 of this title ; ( 3 ) for a routine use as defined in subsection ( a ) ( 7 ) of this section and described under subsection ( e ) ( 4 ) ( D ) of this section ; ( 4 ) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 ; ( 5 ) to a recipient who has provided the agency with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable ; ( 6 ) to the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value ; ( 7 ) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought ; ( 8 ) to a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual ; ( 9 ) to either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee ; ( 10 ) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Government Accountability Office ; ( 11 ) pursuant to the order of a court of competent jurisdiction ; or ( 12 ) to a consumer reporting agency in accordance with section 3711 ( e ) of title 31.\n\n( c ) Accounting of Certain Disclosures.Each agency, with respect to each system of records under its control, shall ( 1 ) except for disclosures made under subsections ( b ) ( 1 ) or ( b ) ( 2 ) of this section, keep an accurate accounting of ( A ) the date, nature, and purpose of each disclosure of a record to any person or to another agency made under subsection ( b ) of this section; and ( B ) the name and address of the person or agency to whom the disclosure is made ; ( 2 ) retain the accounting made under paragraph ( 1 ) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made ; ( 3 ) except for disclosures made under subsection ( b ) ( 7 ) of this section, make the accounting made under paragraph ( 1 ) of this subsection available to the individual named in the record at his request; and ( 4 ) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection ( d ) of this section of any record that has been disclosed to the person or agency if an accounting of the disclosure was made.\n\n( d ) Access to Records.Each agency that maintains a system of records shall ( 1 ) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individuals record in the accompanying persons presence ; ( 2 ) permit the individual to request amendment of a record pertaining to him and ( A ) not later than 10 days ( excluding Saturdays, Sundays, and legal public holidays ) after the date of receipt of such request, acknowledge in writing such receipt ; and ( B ) promptly, either ( i ) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete ; or ( ii ) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official ; ( 3 ) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days ( excluding Saturdays, Sundays, and legal public holidays ) from the date on which the individual requests such review, complete such review and make a final determination unless, for good cause shown, the head of the agency extends such 30-day period ; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the individual of the provisions for judicial review of the reviewing officials determination under subsection ( g ) ( 1 ) ( A ) of this section ; ( 4 ) in any disclosure, containing information about which the individual has filed a statement of disagreement, occurring after the filing of the statement under paragraph ( 3 ) of this subsection, clearly note any portion of the record which is disputed and provide copies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed ; and ( 5 ) nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.\n\n( e ) Agency Requirements.Each agency that maintains a system of records shall ( 1 ) maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the President ; ( 2 ) collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individuals rights, benefits, and privileges under Federal programs ; ( 3 ) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual ( A ) the authority ( whether granted by statute, or by executive order of the President ) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary ; ( B ) the principal purpose or purposes for which the information is intended to be used ; ( C ) the routine uses which may be made of the information, as published pursuant to paragraph ( 4 ) ( D ) of this subsection ; and ( D ) the effects on him, if any, of not providing all or any part of the requested information ; ( 4 ) subject to the provisions of paragraph ( 11 ) of this subsection, publish in the Federal Register upon establishment or revision a notice of the existence and character of the system of records, which notice shall include ( A ) the name and location of the system ; ( B ) the categories of individuals on whom records are maintained in the system ; ( C ) the categories of records maintained in the system ; ( D ) each routine use of the records contained in the system, including the categories of users and the purpose of such use ; ( E ) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records ; ( F ) the title and business address of the agency official who is responsible for the system of records ; ( G ) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him ; ( H ) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content ; and ( I ) the categories of sources of records in the system ; ( 5 ) maintain all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination ; ( 6 ) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to subsection ( b ) ( 2 ) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes ; ( XXXX ) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity ; ( 8 ) make reasonable efforts to serve notice on an individual when any record on such individual is made available to any person under compulsory legal process when such process becomes a matter of public record ; ( 9 ) establish rules of conduct for persons involved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for noncompliance ; ( 10 ) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained","date_sent_to_company":"2023-09-08T18:14:37.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"186XX","tags":null,"has_narrative":true,"complaint_id":"7520483","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2023-09-08T17:55:15.000Z","state":"PA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of <em>intercepting</em> a tax refund due an individual under any other tax refund <em>intercept</em> program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches"]},"sort":[5.0843053,"7520483"]},{"_index":"complaint-public-v1","_id":"7527552","_score":4.5467515,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I did NOT give this agency written instructions to report the information on the attached dispute letter and when I requested the removal of it per the privacy act of 1974 and 15 USC 1681b, they denied me my consumer right. Because of this, they have caused me damages and have additionally broken the following federal laws ; 15 U.S. Code 1681a - Definitions ; rules of construction ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control ; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ; ( B ) any authorization or approval of a specific extension of credit directly or indirectly by the issuer of a credit card or similar device ; ( C ) any report in which a person who has been requested by a third party to make a specific extension of credit directly or indirectly to a consumer conveys his or her decision with respect to such request, if the third party advises the consumer of the name and address of the person to whom the request was made, and such person makes the disclosures to the consumer required under section 1681m of this title ; or ( D ) a communication described in subsection ( o ) or ( x ). [ 1 ] ( 3 ) Restriction on sharing of medical information.Except for information or any communication of information disclosed as provided in section 1681b ( g ) ( 3 ) of this title, the exclusions in paragraph ( 2 ) shall not apply with respect to information disclosed to any person related by common ownership or affiliated by corporate control, if the information is ( A ) medical information ; ( B ) an individualized list or description based on the payment transactions of the consumer for medical products or services ; or ( C ) an aggregate list of identified consumers based on payment transactions for medical products or services.\n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n( 2 ) Exception This subsection shall not prevent a financial institution from providing nonpublic personal information to a nonaffiliated third party to perform services for or functions on behalf of the financial institution, including marketing of the financial institutions own products or services, or financial products or services offered pursuant to joint agreements between two or more financial institutions that comply with the requirements imposed by the regulations prescribed under section 6804 of this title, if the financial institution fully discloses the providing of such information and enters into a contractual agreement with the third party that requires the third party to maintain the confidentiality of such information.\n\n( c ) Limits on reuse of information Except as otherwise provided in this subchapter, a nonaffiliated third party that receives from a financial institution nonpublic personal information under this section shall not, directly or through an affiliate of such receiving third party, disclose such information to any other person that is a nonaffiliated third party of both the financial institution and such receiving third party, unless such disclosure would be lawful if made directly to such other person by the financial institution.\n\n( d ) Limitations on the sharing of account number information for marketing purposes A financial institution shall not disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a credit card account, deposit account, or transaction account of a consumer to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer.\n\n( e ) General exceptions Subsections ( a ) and ( b ) shall not prohibit the disclosure of nonpublic personal information ( 1 ) as necessary to effect, administer, or enforce a transaction requested or authorized by the consumer, or in connection with ( A ) servicing or processing a financial product or service requested or authorized by the consumer ; ( B ) maintaining or servicing the consumers account with the financial institution, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity ; or ( C ) a proposed or actual securitization, secondary market sale ( including sales of servicing rights ), or similar transaction related to a transaction of the consumer ; ( 2 ) with the consent or at the direction of the consumer ; ( 3 ) ( A ) to protect the confidentiality or security of the financial institutions records pertaining to the consumer, the service or product, or the transaction therein ; ( B ) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability ; ( C ) for required institutional risk control, or for resolving customer disputes or inquiries ; ( D ) to persons holding a legal or beneficial interest relating to the consumer ; or ( E ) to persons acting in a fiduciary or representative capacity on behalf of the consumer ; ( 4 ) to provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the financial institution, persons assessing the institutions compliance with industry standards, and the institutions attorneys, accountants, and auditors ; ( 5 ) to the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act of 1978 [ 12 U.S.C. 3401 et seq. ], to law enforcement agencies ( including the Bureau of Consumer Financial Protection [ 1 ] a Federal functional regulator, the Secretary of the Treasury with respect to subchapter II of chapter 53 of title 31, and chapter 2 of title I of Public Law 91508 ( 12 U.S.C. 19511959 ), a State insurance authority, or the Federal Trade Commission ), self-regulatory organizations, or for an investigation on a matter related to public safety ; ( 6 ) ( A ) to a consumer reporting agency in accordance with the Fair Credit Reporting Act [ 15 U.S.C. 1681 et seq. ], or ( B ) from a consumer report reported by a consumer reporting agency ; ( 7 ) in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal information concerns solely consumers of such business or unit; or ( 8 ) to comply with Federal, State, or local laws, rules, and other applicable legal requirements ; to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State, or local authorities ; or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law.\n\n15 U.S. Code 1681b - Permissible purposes of consumer reports ( a ) In general Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, a subpoena issued in connection with proceedings before a Federal grand jury, or a subpoena issued in accordance with section 5318 of title 31 or section 3486 of title 18.\n\n( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 1681e - Compliance procedures ( a ) Identity and purposes of credit users Every consumer reporting agency shall maintain reasonable procedures designed to avoid violations of section 1681c of this title and to limit the furnishing of consumer reports to the purposes listed under section 1681b of this title. These procedures shall require that prospective users of the information identify themselves, certify the purposes for which the information is sought, and certify that the information will be used for no other purpose. Every consumer reporting agency shall make a reasonable effort to verify the identity of a new prospective user and the uses certified by such prospective user prior to furnishing such user a consumer report. No consumer reporting agency may furnish a consumer report to any person if it has reasonable grounds for believing that the consumer report will not be used for a purpose listed in section 1681b of this title.\n\n( b ) Accuracy of report Whenever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates.\n\n5 U.S. Code 552a - Records maintained on individuals ( a ) Definitions.For purposes of this section ( 1 ) the term agency means agency as defined in section 552 ( e ) [ 1 ] of this title ; ( 2 ) the term individual means a citizen of the United States or an alien lawfully admitted for permanent residence ; ( 3 ) the term maintain includes maintain, collect, use, or disseminate ; ( 4 ) the term record means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph ; ( 5 ) the term system of records means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual ; ( 6 ) the term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable individual, except as provided by section 8 of title 13 ; ( 7 ) the term routine use means, with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected ; ( 8 ) the term matching program ( A ) means any computerized comparison of ( i ) two or more automated systems of records or a system of records with non-Federal records for the purpose of ( I ) establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or ( II ) recouping payments or delinquent debts under such Federal benefit programs, or ( ii ) two or more automated Federal personnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records, ( B ) but does not include ( i ) matches performed to produce aggregate statistical data without any personal identifiers ; ( ii ) matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals ; ( iii ) matches performed, by an agency ( or component thereof ) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons ; ( iv ) matches of tax information ( I ) pursuant to section 6103 ( d ) of the Internal Revenue Code of 1986, ( II ) for purposes of tax administration as defined in section 6103 ( b ) ( 4 ) of such Code, ( III ) for the purpose of intercepting a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches ( I ) using records predominantly relating to Federal personnel, that are performed for routine administrative purposes ( subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection ( v ) ) ; or ( II ) conducted by an agency using only records from systems of records maintained by that agency ; if the purpose of the match is not to take any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel ; ( vi ) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel ; ( vii ) matches performed incident to a levy described in section 6103 ( k ) ( 8 ) of the Internal Revenue Code of 1986 ; ( viii ) matches performed pursuant to section 202 ( x ) ( 3 ) or 1611 ( e ) ( 1 ) of the Social Security Act ( 42 U.S.C. 402 ( x ) ( 3 ), 1382 ( e ) ( 1 ) ) ; ( ix ) matches performed by the Secretary of Health and Human Services or the Inspector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, including matches of a system of records with non-Federal records ; or ( x ) matches performed pursuant to section 3 ( d ) ( 4 ) of the Achieving a Better Life Experience Act of 2014 ; 1 ( 9 ) the term recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program ; ( 10 ) the term non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program ; ( 11 ) the term source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program ; ( 12 ) the term Federal benefit program means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government, providing cash or in-kind assistance in the form of payments, grants, loans, or loan guarantees to individuals ; and ( 13 ) the term Federal personnel means officers and employees of the Government of the United States , members of the uniformed services ( including members of the Reserve Components ), individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States ( including survivor benefits ).\n\n( b ) Conditions of Disclosure.No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be ( 1 ) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties; ( 2 ) required under section 552 of this title ; ( 3 ) for a routine use as defined in subsection ( a ) ( 7 ) of this section and described under subsection ( e ) ( 4 ) ( D ) of this section ; ( 4 ) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 ; ( 5 ) to a recipient who has provided the agency with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable ; ( 6 ) to the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value ; ( 7 ) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought ; ( 8 ) to a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual ; ( 9 ) to either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee ; ( 10 ) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Government Accountability Office ; ( 11 ) pursuant to the order of a court of competent jurisdiction ; or ( 12 ) to a consumer reporting agency in accordance with section 3711 ( e ) of title 31.\n\n( c ) Accounting of Certain Disclosures.Each agency, with respect to each system of records under its control, shall ( 1 ) except for disclosures made under subsections ( b ) ( 1 ) or ( b ) ( 2 ) of this section, keep an accurate accounting of ( A ) the date, nature, and purpose of each disclosure of a record to any person or to another agency made under subsection ( b ) of this section; and ( B ) the name and address of the person or agency to whom the disclosure is made ; ( 2 ) retain the accounting made under paragraph ( 1 ) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made ; ( 3 ) except for disclosures made under subsection ( b ) ( 7 ) of this section, make the accounting made under paragraph ( 1 ) of this subsection available to the individual named in the record at his request; and ( 4 ) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection ( d ) of this section of any record that has been disclosed to the person or agency if an accounting of the disclosure was made.\n\n( d ) Access to Records.Each agency that maintains a system of records shall ( 1 ) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individuals record in the accompanying persons presence ; ( 2 ) permit the individual to request amendment of a record pertaining to him and ( A ) not later than 10 days ( excluding Saturdays, Sundays, and legal public holidays ) after the date of receipt of such request, acknowledge in writing such receipt ; and ( B ) promptly, either ( i ) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete ; or ( ii ) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official ; ( 3 ) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days ( excluding Saturdays, Sundays, and legal public holidays ) from the date on which the individual requests such review, complete such review and make a final determination unless, for good cause shown, the head of the agency extends such 30-day period ; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the individual of the provisions for judicial review of the reviewing officials determination under subsection ( g ) ( 1 ) ( A ) of this section ; ( 4 ) in any disclosure, containing information about which the individual has filed a statement of disagreement, occurring after the filing of the statement under paragraph ( 3 ) of this subsection, clearly note any portion of the record which is disputed and provide copies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed ; and ( 5 ) nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.\n\n( e ) Agency Requirements.Each agency that maintains a system of records shall ( 1 ) maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the President ; ( 2 ) collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individuals rights, benefits, and privileges under Federal programs ; ( 3 ) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual ( A ) the authority ( whether granted by statute, or by executive order of the President ) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary ; ( B ) the principal purpose or purposes for which the information is intended to be used ; ( C ) the routine uses which may be made of the information, as published pursuant to paragraph ( 4 ) ( D ) of this subsection ; and ( D ) the effects on him, if any, of not providing all or any part of the requested information ; ( 4 ) subject to the provisions of paragraph ( 11 ) of this subsection, publish in the Federal Register upon establishment or revision a notice of the existence and character of the system of records, which notice shall include ( A ) the name and location of the system ; ( B ) the categories of individuals on whom records are maintained in the system ; ( C ) the categories of records maintained in the system ; ( D ) each routine use of the records contained in the system, including the categories of users and the purpose of such use ; ( E ) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records ; ( F ) the title and business address of the agency official who is responsible for the system of records ; ( G ) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him ; ( H ) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content ; and ( I ) the categories of sources of records in the system ; ( 5 ) maintain all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination ; ( 6 ) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to subsection ( b ) ( 2 ) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes ; ( 7 ) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity ; ( 8 ) make reasonable efforts to serve notice on an individual when any record on such individual is made available to any person under compulsory legal process when such process becomes a matter of public record ; ( 9 ) establish rules of conduct for persons involved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for noncompliance ; ( 10 ) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained ; ( 11 ) at least 30 days prior to publication of information under paragraph ( 4 ) ( D ) of this subsection, publish in the Federal Register notice of any new use or intended use of the information in the system, and provide an opportunity for interested persons to submit written data, views, or arguments to the agency ; and ( 12 ) if such agency is a recipient agency or a source agency in a matching program with a non-Federal agency, with respect to any establishment or revision of a matching program, at least 30 days prior to conducting such program, publish in the Federal Register notice of such establishment or revision.\n\n( f ) Agency Rules.In order to carry out the provisions of this section, each agency that maintains a system of records shall promulgate rules, in accordance with the requirements ( including general notice ) of section 553 of this title, which shall ( 1 ) establish procedures whereby an individual can be notified in response to his request if any system of records named by the individual contains a record pertaining to him ; ( 2 ) define reasonable times, places, and requirements for identifying an individual who requests his record or information pertaining to him before the agency shall make the record or information available to the individual ; ( 3 ) establish procedures for the disclosure to an individual upon his request of his record or information pertaining to him, including special procedure, if deemed necessary, for the disclosure to an individual of medical records, including psychological records, pertaining to him ; ( 4 ) establish procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to the individual, for making a determination on the request, for an appeal within the agency of an initial adverse agency determination, and for whatever additional means may be necessary for each individual to be able to exercise fully his rights under this section; and ( 5 ) establish fees to be charged, if any, to any individual for making copies of his record, excluding the cost of any search for and review of the record.\n\nThe Office of the Federal Register shall biennially compile and publish the rules promulgated under this subsection and agency notices published under subsection ( e ) ( 4 ) of this section in a form available to the public at low cost.\n\n( g ) ( 1 ) Civil Remedies.Whenever any agency ( A ) makes a determination under subsection ( d ) ( 3 ) of this section not to amend an individuals record in accordance with his request, or fails to make such review in conformity with that subsection ; ( B ) refuses to comply with an individual request under subsection ( d ) ( 1 ) of this section ; ( C ) fails to maintain any record concerning any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relating to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such record, and consequently a determination is made which is adverse to the individual ; or ( D ) fails to comply with any other provision of this section, or any rule promulgated thereunder, in such a way as to have an adverse effect on an individual, the individual may bring a civil action against the agency, and the district courts of the United States shall have jurisdiction in the matters under the provisions of this subsection.\n\n( 2 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( A ) of this section, the court may order the agency to amend the individuals record in accordance with his request or in such other way as the court may direct. In such a case the court shall determine the matter de novo.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 3 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( B ) of this section, the court may enjoin the agency from withholding the records and order the production to the complainant of any agency records improperly withheld from him. In such a case the court shall determine the matter de novo, and may examine the contents of any agency records in camera to determine whether the records or any portion thereof may be withheld under any of the exemptions set forth in subsection ( k ) of this section, and the burden is on the agency to sustain its action.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 4 ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( C ) or ( D ) of this section in which the court determines that the agency acted in a manner which was intentional or willful, the United States shall be liable to the individual in an amount equal to the sum of ( A ) actual damages","date_sent_to_company":"2023-09-10T22:41:42.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"186XX","tags":null,"has_narrative":true,"complaint_id":"7527552","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2023-09-10T22:41:36.000Z","state":"PA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of <em>intercepting</em> a tax refund due an individual under any other tax refund <em>intercept</em> program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches"]},"sort":[4.5467515,"7527552"]},{"_index":"complaint-public-v1","_id":"7522044","_score":4.5467515,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I did NOT give this agency written instructions to report the information on the attached dispute letter and when I requested the removal of it per the privacy act of 1974, they denied me my right. Because of this, they have broken the following federal laws ; 15 U.S. Code 1681a - Definitions ; rules of construction ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control ; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ; ( B ) any authorization or approval of a specific extension of credit directly or indirectly by the issuer of a credit card or similar device ; ( C ) any report in which a person who has been requested by a third party to make a specific extension of credit directly or indirectly to a consumer conveys his or her decision with respect to such request, if the third party advises the consumer of the name and address of the person to whom the request was made, and such person makes the disclosures to the consumer required under section 1681m of this title ; or ( D ) a communication described in subsection ( o ) or ( x ). [ 1 ] ( 3 ) Restriction on sharing of medical information.Except for information or any communication of information disclosed as provided in section 1681b ( g ) ( 3 ) of this title, the exclusions in paragraph ( 2 ) shall not apply with respect to information disclosed to any person related by common ownership or affiliated by corporate control, if the information is ( A ) medical information ; ( B ) an individualized list or description based on the payment transactions of the consumer for medical products or services ; or ( C ) an aggregate list of identified consumers based on payment transactions for medical products or services.\n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n( 2 ) Exception This subsection shall not prevent a financial institution from providing nonpublic personal information to a nonaffiliated third party to perform services for or functions on behalf of the financial institution, including marketing of the financial institutions own products or services, or financial products or services offered pursuant to joint agreements between two or more financial institutions that comply with the requirements imposed by the regulations prescribed under section 6804 of this title, if the financial institution fully discloses the providing of such information and enters into a contractual agreement with the third party that requires the third party to maintain the confidentiality of such information.\n\n( c ) Limits on reuse of information Except as otherwise provided in this subchapter, a nonaffiliated third party that receives from a financial institution nonpublic personal information under this section shall not, directly or through an affiliate of such receiving third party, disclose such information to any other person that is a nonaffiliated third party of both the financial institution and such receiving third party, unless such disclosure would be lawful if made directly to such other person by the financial institution.\n\n( d ) Limitations on the sharing of account number information for marketing purposes A financial institution shall not disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a credit card account, deposit account, or transaction account of a consumer to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer.\n\n( e ) General exceptions Subsections ( a ) and ( b ) shall not prohibit the disclosure of nonpublic personal information ( 1 ) as necessary to effect, administer, or enforce a transaction requested or authorized by the consumer, or in connection with ( A ) servicing or processing a financial product or service requested or authorized by the consumer ; ( B ) maintaining or servicing the consumers account with the financial institution, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity ; or ( C ) a proposed or actual securitization, secondary market sale ( including sales of servicing rights ), or similar transaction related to a transaction of the consumer ; ( 2 ) with the consent or at the direction of the consumer ; ( 3 ) ( A ) to protect the confidentiality or security of the financial institutions records pertaining to the consumer, the service or product, or the transaction therein ; ( B ) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability ; ( C ) for required institutional risk control, or for resolving customer disputes or inquiries ; ( D ) to persons holding a legal or beneficial interest relating to the consumer ; or ( E ) to persons acting in a fiduciary or representative capacity on behalf of the consumer ; ( 4 ) to provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the financial institution, persons assessing the institutions compliance with industry standards, and the institutions attorneys, accountants, and auditors ; ( 5 ) to the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act of 1978 [ 12 U.S.C. 3401 et seq. ], to law enforcement agencies ( including the Bureau of Consumer Financial Protection [ 1 ] a Federal functional regulator, the Secretary of the Treasury with respect to subchapter II of chapter 53 of title 31, and chapter 2 of title I of Public Law 91508 ( 12 U.S.C. 19511959 ), a State insurance authority, or the Federal Trade Commission ), self-regulatory organizations, or for an investigation on a matter related to public safety ; ( 6 ) ( A ) to a consumer reporting agency in accordance with the Fair Credit Reporting Act [ 15 U.S.C. 1681 et seq. ], or ( B ) from a consumer report reported by a consumer reporting agency ; ( 7 ) in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal information concerns solely consumers of such business or unit; or ( 8 ) to comply with Federal, State, or local laws, rules, and other applicable legal requirements ; to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State, or local authorities ; or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law.\n\n15 U.S. Code 1681b - Permissible purposes of consumer reports ( a ) In general Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, a subpoena issued in connection with proceedings before a Federal grand jury, or a subpoena issued in accordance with section 5318 of title 31 or section 3486 of title 18.\n\n( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 1681e - Compliance procedures ( a ) Identity and purposes of credit users Every consumer reporting agency shall maintain reasonable procedures designed to avoid violations of section 1681c of this title and to limit the furnishing of consumer reports to the purposes listed under section 1681b of this title. These procedures shall require that prospective users of the information identify themselves, certify the purposes for which the information is sought, and certify that the information will be used for no other purpose. Every consumer reporting agency shall make a reasonable effort to verify the identity of a new prospective user and the uses certified by such prospective user prior to furnishing such user a consumer report. No consumer reporting agency may furnish a consumer report to any person if it has reasonable grounds for believing that the consumer report will not be used for a purpose listed in section 1681b of this title.\n\n( b ) Accuracy of report Whenever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates.\n\n5 U.S. Code 552a - Records maintained on individuals ( a ) Definitions.For purposes of this section ( 1 ) the term agency means agency as defined in section 552 ( e ) [ 1 ] of this title ; ( 2 ) the term individual means a citizen of the United States or an alien lawfully admitted for permanent residence ; ( 3 ) the term maintain includes maintain, collect, use, or disseminate ; ( 4 ) the term record means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph ; ( 5 ) the term system of records means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual ; ( 6 ) the term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable individual, except as provided by section 8 of title 13 ; ( 7 ) the term routine use means, with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected ; ( 8 ) the term matching program ( A ) means any computerized comparison of ( i ) two or more automated systems of records or a system of records with non-Federal records for the purpose of ( I ) establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or ( II ) recouping payments or delinquent debts under such Federal benefit programs, or ( ii ) two or more automated Federal personnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records, ( B ) but does not include ( i ) matches performed to produce aggregate statistical data without any personal identifiers ; ( ii ) matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals ; ( iii ) matches performed, by an agency ( or component thereof ) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons ; ( iv ) matches of tax information ( I ) pursuant to section 6103 ( d ) of the Internal Revenue Code of 1986, ( II ) for purposes of tax administration as defined in section 6103 ( b ) ( 4 ) of such Code, ( III ) for the purpose of intercepting a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches ( I ) using records predominantly relating to Federal personnel, that are performed for routine administrative purposes ( subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection ( v ) ) ; or ( II ) conducted by an agency using only records from systems of records maintained by that agency ; if the purpose of the match is not to take any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel ; ( vi ) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel ; ( vii ) matches performed incident to a levy described in section 6103 ( k ) ( 8 ) of the Internal Revenue Code of 1986 ; ( viii ) matches performed pursuant to section 202 ( x ) ( 3 ) or 1611 ( e ) ( 1 ) of the Social Security Act ( 42 U.S.C. 402 ( x ) ( 3 ), 1382 ( e ) ( 1 ) ) ; ( ix ) matches performed by the Secretary of Health and Human Services or the Inspector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, including matches of a system of records with non-Federal records ; or ( x ) matches performed pursuant to section 3 ( d ) ( 4 ) of the Achieving a Better Life Experience Act of 2014 ; 1 ( 9 ) the term recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program ; ( 10 ) the term non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program ; ( 11 ) the term source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program ; ( 12 ) the term Federal benefit program means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government, providing cash or in-kind assistance in the form of payments, grants, loans, or loan guarantees to individuals ; and ( 13 ) the term Federal personnel means officers and employees of the Government of the United States , members of the uniformed services ( including members of the Reserve Components ), individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States ( including survivor benefits ).\n\n( b ) Conditions of Disclosure.No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be ( 1 ) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties; ( 2 ) required under section 552 of this title ; ( 3 ) for a routine use as defined in subsection ( a ) ( 7 ) of this section and described under subsection ( e ) ( 4 ) ( D ) of this section ; ( 4 ) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 ; ( 5 ) to a recipient who has provided the agency with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable ; ( 6 ) to the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value ; ( 7 ) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought ; ( 8 ) to a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual ; ( 9 ) to either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee ; ( 10 ) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Government Accountability Office ; ( 11 ) pursuant to the order of a court of competent jurisdiction ; or ( 12 ) to a consumer reporting agency in accordance with section 3711 ( e ) of title 31.\n\n( c ) Accounting of Certain Disclosures.Each agency, with respect to each system of records under its control, shall ( 1 ) except for disclosures made under subsections ( b ) ( 1 ) or ( b ) ( 2 ) of this section, keep an accurate accounting of ( A ) the date, nature, and purpose of each disclosure of a record to any person or to another agency made under subsection ( b ) of this section; and ( B ) the name and address of the person or agency to whom the disclosure is made ; ( 2 ) retain the accounting made under paragraph ( 1 ) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made ; ( 3 ) except for disclosures made under subsection ( b ) ( 7 ) of this section, make the accounting made under paragraph ( 1 ) of this subsection available to the individual named in the record at his request; and ( 4 ) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection ( d ) of this section of any record that has been disclosed to the person or agency if an accounting of the disclosure was made.\n\n( d ) Access to Records.Each agency that maintains a system of records shall ( 1 ) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individuals record in the accompanying persons presence ; ( 2 ) permit the individual to request amendment of a record pertaining to him and ( A ) not later than 10 days ( excluding Saturdays, Sundays, and legal public holidays ) after the date of receipt of such request, acknowledge in writing such receipt ; and ( B ) promptly, either ( i ) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete ; or ( ii ) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official ; ( 3 ) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days ( excluding Saturdays, Sundays, and legal public holidays ) from the date on which the individual requests such review, complete such review and make a final determination unless, for good cause shown, the head of the agency extends such 30-day period ; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the individual of the provisions for judicial review of the reviewing officials determination under subsection ( g ) ( 1 ) ( A ) of this section ; ( 4 ) in any disclosure, containing information about which the individual has filed a statement of disagreement, occurring after the filing of the statement under paragraph ( 3 ) of this subsection, clearly note any portion of the record which is disputed and provide copies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed ; and ( 5 ) nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.\n\n( e ) Agency Requirements.Each agency that maintains a system of records shall ( 1 ) maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the President ; ( 2 ) collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individuals rights, benefits, and privileges under Federal programs ; ( 3 ) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual ( A ) the authority ( whether granted by statute, or by executive order of the President ) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary ; ( B ) the principal purpose or purposes for which the information is intended to be used ; ( C ) the routine uses which may be made of the information, as published pursuant to paragraph ( 4 ) ( D ) of this subsection ; and ( D ) the effects on him, if any, of not providing all or any part of the requested information ; ( 4 ) subject to the provisions of paragraph ( 11 ) of this subsection, publish in the Federal Register upon establishment or revision a notice of the existence and character of the system of records, which notice shall include ( A ) the name and location of the system ; ( B ) the categories of individuals on whom records are maintained in the system ; ( C ) the categories of records maintained in the system ; ( D ) each routine use of the records contained in the system, including the categories of users and the purpose of such use ; ( E ) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records ; ( F ) the title and business address of the agency official who is responsible for the system of records ; ( G ) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him ; ( H ) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content ; and ( I ) the categories of sources of records in the system ; ( 5 ) maintain all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination ; ( 6 ) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to subsection ( b ) ( 2 ) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes ; ( 7 ) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity ; ( 8 ) make reasonable efforts to serve notice on an individual when any record on such individual is made available to any person under compulsory legal process when such process becomes a matter of public record ; ( 9 ) establish rules of conduct for persons involved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for noncompliance ; ( 10 ) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained ; ( 11 ) at least 30 days prior to publication of information under paragraph ( 4 ) ( D ) of this subsection, publish in the Federal Register notice of any new use or intended use of the information in the system, and provide an opportunity for interested persons to submit written data, views, or arguments to the agency ; and ( 12 ) if such agency is a recipient agency or a source agency in a matching program with a non-Federal agency, with respect to any establishment or revision of a matching program, at least 30 days prior to conducting such program, publish in the Federal Register notice of such establishment or revision.\n\n( f ) Agency Rules.In order to carry out the provisions of this section, each agency that maintains a system of records shall promulgate rules, in accordance with the requirements ( including general notice ) of section 553 of this title, which shall ( 1 ) establish procedures whereby an individual can be notified in response to his request if any system of records named by the individual contains a record pertaining to him ; ( 2 ) define reasonable times, places, and requirements for identifying an individual who requests his record or information pertaining to him before the agency shall make the record or information available to the individual ; ( 3 ) establish procedures for the disclosure to an individual upon his request of his record or information pertaining to him, including special procedure, if deemed necessary, for the disclosure to an individual of medical records, including psychological records, pertaining to him ; ( 4 ) establish procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to the individual, for making a determination on the request, for an appeal within the agency of an initial adverse agency determination, and for whatever additional means may be necessary for each individual to be able to exercise fully his rights under this section; and ( 5 ) establish fees to be charged, if any, to any individual for making copies of his record, excluding the cost of any search for and review of the record.\n\nThe Office of the Federal Register shall biennially compile and publish the rules promulgated under this subsection and agency notices published under subsection ( e ) ( 4 ) of this section in a form available to the public at low cost.\n\n( g ) ( 1 ) Civil Remedies.Whenever any agency ( A ) makes a determination under subsection ( d ) ( 3 ) of this section not to amend an individuals record in accordance with his request, or fails to make such review in conformity with that subsection ; ( B ) refuses to comply with an individual request under subsection ( d ) ( 1 ) of this section ; ( C ) fails to maintain any record concerning any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relating to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such record, and consequently a determination is made which is adverse to the individual ; or ( D ) fails to comply with any other provision of this section, or any rule promulgated thereunder, in such a way as to have an adverse effect on an individual, the individual may bring a civil action against the agency, and the district courts of the United States shall have jurisdiction in the matters under the provisions of this subsection.\n\n( 2 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( A ) of this section, the court may order the agency to amend the individuals record in accordance with his request or in such other way as the court may direct. In such a case the court shall determine the matter de novo.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 3 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( B ) of this section, the court may enjoin the agency from withholding the records and order the production to the complainant of any agency records improperly withheld from him. In such a case the court shall determine the matter de novo, and may examine the contents of any agency records in camera to determine whether the records or any portion thereof may be withheld under any of the exemptions set forth in subsection ( k ) of this section, and the burden is on the agency to sustain its action.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 4 ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( C ) or ( D ) of this section in which the court determines that the agency acted in a manner which was intentional or willful, the United States shall be liable to the individual in an amount equal to the sum of ( A ) actual damages sustained by the individual as a result of the refusal or failure","date_sent_to_company":"2023-09-09T00:46:08.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"187XX","tags":null,"has_narrative":true,"complaint_id":"7522044","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2023-09-09T00:30:17.000Z","state":"PA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of <em>intercepting</em> a tax refund due an individual under any other tax refund <em>intercept</em> program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches"]},"sort":[4.5467515,"7522044"]},{"_index":"complaint-public-v1","_id":"7521743","_score":4.5467515,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I have asked this company to show me proof that I gave them written instructions to report the information on the attached dispute letter and they did not provide. Additionally I requested that they removed that information and it was denied. XXXX honored my request and respected my right to privacy per privacy act of 1974 however Experian and XXXX did not. They have broken the following federal laws. \n\n15 U.S. Code 1681a - Definitions ; rules of construction ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control ; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ; ( B ) any authorization or approval of a specific extension of credit directly or indirectly by the issuer of a credit card or similar device ; ( C ) any report in which a person who has been requested by a third party to make a specific extension of credit directly or indirectly to a consumer conveys his or her decision with respect to such request, if the third party advises the consumer of the name and address of the person to whom the request was made, and such person makes the disclosures to the consumer required under section 1681m of this title ; or ( D ) a communication described in subsection ( o ) or ( x ). [ 1 ] ( 3 ) Restriction on sharing of medical information.Except for information or any communication of information disclosed as provided in section 1681b ( g ) ( 3 ) of this title, the exclusions in paragraph ( 2 ) shall not apply with respect to information disclosed to any person related by common ownership or affiliated by corporate control, if the information is ( A ) medical information ; ( B ) an individualized list or description based on the payment transactions of the consumer for medical products or services ; or ( C ) an aggregate list of identified consumers based on payment transactions for medical products or services. \n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. \n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n( 2 ) Exception This subsection shall not prevent a financial institution from providing nonpublic personal information to a nonaffiliated third party to perform services for or functions on behalf of the financial institution, including marketing of the financial institutions own products or services, or financial products or services offered pursuant to joint agreements between two or more financial institutions that comply with the requirements imposed by the regulations prescribed under section 6804 of this title, if the financial institution fully discloses the providing of such information and enters into a contractual agreement with the third party that requires the third party to maintain the confidentiality of such information.\n\n( c ) Limits on reuse of information Except as otherwise provided in this subchapter, a nonaffiliated third party that receives from a financial institution nonpublic personal information under this section shall not, directly or through an affiliate of such receiving third party, disclose such information to any other person that is a nonaffiliated third party of both the financial institution and such receiving third party, unless such disclosure would be lawful if made directly to such other person by the financial institution.\n\n( d ) Limitations on the sharing of account number information for marketing purposes A financial institution shall not disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a credit card account, deposit account, or transaction account of a consumer to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer.\n\n( e ) General exceptions Subsections ( a ) and ( b ) shall not prohibit the disclosure of nonpublic personal information ( 1 ) as necessary to effect, administer, or enforce a transaction requested or authorized by the consumer, or in connection with ( A ) servicing or processing a financial product or service requested or authorized by the consumer ; ( B ) maintaining or servicing the consumers account with the financial institution, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity ; or ( C ) a proposed or actual securitization, secondary market sale ( including sales of servicing rights ), or similar transaction related to a transaction of the consumer ; ( 2 ) with the consent or at the direction of the consumer ; ( 3 ) ( A ) to protect the confidentiality or security of the financial institutions records pertaining to the consumer, the service or product, or the transaction therein ; ( B ) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability ; ( C ) for required institutional risk control, or for resolving customer disputes or inquiries ; ( D ) to persons holding a legal or beneficial interest relating to the consumer ; or ( E ) to persons acting in a fiduciary or representative capacity on behalf of the consumer ; ( 4 ) to provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the financial institution, persons assessing the institutions compliance with industry standards, and the institutions attorneys, accountants, and auditors ; ( 5 ) to the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act of 1978 [ 12 U.S.C. 3401 et seq. ], to law enforcement agencies ( including the Bureau of Consumer Financial Protection [ 1 ] a Federal functional regulator, the Secretary of the Treasury with respect to subchapter II of chapter 53 of title 31, and chapter 2 of title I of Public Law 91508 ( 12 U.S.C. 19511959 ), a State insurance authority, or the Federal Trade Commission ), self-regulatory organizations, or for an investigation on a matter related to public safety ; ( 6 ) ( A ) to a consumer reporting agency in accordance with the Fair Credit Reporting Act [ 15 U.S.C. 1681 et seq. ], or ( B ) from a consumer report reported by a consumer reporting agency ; ( 7 ) in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal information concerns solely consumers of such business or unit; or ( 8 ) to comply with Federal, State, or local laws, rules, and other applicable legal requirements ; to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State, or local authorities ; or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law.\n\n15 U.S. Code 1681b - Permissible purposes of consumer reports ( a ) In general Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, a subpoena issued in connection with proceedings before a Federal grand jury, or a subpoena issued in accordance with section 5318 of title 31 or section 3486 of title 18.\n\n( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 1681e - Compliance procedures ( a ) Identity and purposes of credit users Every consumer reporting agency shall maintain reasonable procedures designed to avoid violations of section 1681c of this title and to limit the furnishing of consumer reports to the purposes listed under section 1681b of this title. These procedures shall require that prospective users of the information identify themselves, certify the purposes for which the information is sought, and certify that the information will be used for no other purpose. Every consumer reporting agency shall make a reasonable effort to verify the identity of a new prospective user and the uses certified by such prospective user prior to furnishing such user a consumer report. No consumer reporting agency may furnish a consumer report to any person if it has reasonable grounds for believing that the consumer report will not be used for a purpose listed in section 1681b of this title.\n\n( b ) Accuracy of report Whenever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates.\n\n5 U.S. Code 552a - Records maintained on individuals ( a ) Definitions.For purposes of this section ( 1 ) the term agency means agency as defined in section 552 ( e ) [ 1 ] of this title ; ( 2 ) the term individual means a citizen of the United States or an alien lawfully admitted for permanent residence ; ( 3 ) the term maintain includes maintain, collect, use, or disseminate ; ( 4 ) the term record means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph ; ( 5 ) the term system of records means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual ; ( 6 ) the term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable individual, except as provided by section 8 of title 13 ; ( 7 ) the term routine use means, with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected ; ( 8 ) the term matching program ( A ) means any computerized comparison of ( i ) two or more automated systems of records or a system of records with non-Federal records for the purpose of ( I ) establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or ( II ) recouping payments or delinquent debts under such Federal benefit programs, or ( ii ) two or more automated Federal personnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records, ( B ) but does not include ( i ) matches performed to produce aggregate statistical data without any personal identifiers ; ( ii ) matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals ; ( iii ) matches performed, by an agency ( or component thereof ) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons ; ( iv ) matches of tax information ( I ) pursuant to section 6103 ( d ) of the Internal Revenue Code of 1986, ( II ) for purposes of tax administration as defined in section 6103 ( b ) ( 4 ) of such Code, ( III ) for the purpose of intercepting a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches ( I ) using records predominantly relating to Federal personnel, that are performed for routine administrative purposes ( subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection ( v ) ) ; or ( II ) conducted by an agency using only records from systems of records maintained by that agency ; if the purpose of the match is not to take any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel ; ( vi ) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel ; ( vii ) matches performed incident to a levy described in section 6103 ( k ) ( 8 ) of the Internal Revenue Code of 1986 ; ( viii ) matches performed pursuant to section 202 ( x ) ( 3 ) or 1611 ( e ) ( 1 ) of the Social Security Act ( 42 U.S.C. 402 ( x ) ( 3 ), 1382 ( e ) ( 1 ) ) ; ( ix ) matches performed by the Secretary of Health and Human Services or the Inspector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, including matches of a system of records with non-Federal records ; or ( x ) matches performed pursuant to section 3 ( d ) ( 4 ) of the Achieving a Better Life Experience Act of 2014 ; 1 ( 9 ) the term recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program ; ( 10 ) the term non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program ; ( 11 ) the term source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program ; ( 12 ) the term Federal benefit program means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government, providing cash or in-kind assistance in the form of payments, grants, loans, or loan guarantees to individuals ; and ( 13 ) the term Federal personnel means officers and employees of the Government of the United States , members of the uniformed services ( including members of the Reserve Components ), individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States ( including survivor benefits ).\n\n( b ) Conditions of Disclosure.No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be ( 1 ) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties; ( 2 ) required under section 552 of this title ; ( 3 ) for a routine use as defined in subsection ( a ) ( 7 ) of this section and described under subsection ( e ) ( 4 ) ( D ) of this section ; ( 4 ) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 ; ( 5 ) to a recipient who has provided the agency with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable ; ( 6 ) to the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value ; ( 7 ) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought ; ( 8 ) to a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual ; ( 9 ) to either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee ; ( 10 ) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Government Accountability Office ; ( 11 ) pursuant to the order of a court of competent jurisdiction ; or ( 12 ) to a consumer reporting agency in accordance with section 3711 ( e ) of title 31.\n\n( c ) Accounting of Certain Disclosures.Each agency, with respect to each system of records under its control, shall ( 1 ) except for disclosures made under subsections ( b ) ( 1 ) or ( b ) ( 2 ) of this section, keep an accurate accounting of ( A ) the date, nature, and purpose of each disclosure of a record to any person or to another agency made under subsection ( b ) of this section; and ( B ) the name and address of the person or agency to whom the disclosure is made ; ( 2 ) retain the accounting made under paragraph ( 1 ) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made ; ( 3 ) except for disclosures made under subsection ( b ) ( 7 ) of this section, make the accounting made under paragraph ( 1 ) of this subsection available to the individual named in the record at his request; and ( 4 ) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection ( d ) of this section of any record that has been disclosed to the person or agency if an accounting of the disclosure was made.\n\n( d ) Access to Records.Each agency that maintains a system of records shall ( 1 ) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individuals record in the accompanying persons presence ; ( 2 ) permit the individual to request amendment of a record pertaining to him and ( A ) not later than 10 days ( excluding Saturdays, Sundays, and legal public holidays ) after the date of receipt of such request, acknowledge in writing such receipt ; and ( B ) promptly, either ( i ) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete ; or ( ii ) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official ; ( 3 ) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days ( excluding Saturdays, Sundays, and legal public holidays ) from the date on which the individual requests such review, complete such review and make a final determination unless, for good cause shown, the head of the agency extends such 30-day period ; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the individual of the provisions for judicial review of the reviewing officials determination under subsection ( g ) ( 1 ) ( A ) of this section ; ( 4 ) in any disclosure, containing information about which the individual has filed a statement of disagreement, occurring after the filing of the statement under paragraph ( 3 ) of this subsection, clearly note any portion of the record which is disputed and provide copies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed ; and ( 5 ) nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.\n\n( e ) Agency Requirements.Each agency that maintains a system of records shall ( 1 ) maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the President ; ( 2 ) collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individuals rights, benefits, and privileges under Federal programs ; ( 3 ) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual ( A ) the authority ( whether granted by statute, or by executive order of the President ) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary ; ( B ) the principal purpose or purposes for which the information is intended to be used ; ( C ) the routine uses which may be made of the information, as published pursuant to paragraph ( 4 ) ( D ) of this subsection ; and ( D ) the effects on him, if any, of not providing all or any part of the requested information ; ( 4 ) subject to the provisions of paragraph ( 11 ) of this subsection, publish in the Federal Register upon establishment or revision a notice of the existence and character of the system of records, which notice shall include ( A ) the name and location of the system ; ( B ) the categories of individuals on whom records are maintained in the system ; ( C ) the categories of records maintained in the system ; ( D ) each routine use of the records contained in the system, including the categories of users and the purpose of such use ; ( E ) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records ; ( F ) the title and business address of the agency official who is responsible for the system of records ; ( G ) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him ; ( H ) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content ; and ( I ) the categories of sources of records in the system ; ( 5 ) maintain all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination ; ( 6 ) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to subsection ( b ) ( 2 ) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes ; ( 7 ) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity ; ( 8 ) make reasonable efforts to serve notice on an individual when any record on such individual is made available to any person under compulsory legal process when such process becomes a matter of public record ; ( 9 ) establish rules of conduct for persons involved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for noncompliance ; ( 10 ) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained ; ( 11 ) at least 30 days prior to publication of information under paragraph ( 4 ) ( D ) of this subsection, publish in the Federal Register notice of any new use or intended use of the information in the system, and provide an opportunity for interested persons to submit written data, views, or arguments to the agency ; and ( 12 ) if such agency is a recipient agency or a source agency in a matching program with a non-Federal agency, with respect to any establishment or revision of a matching program, at least 30 days prior to conducting such program, publish in the Federal Register notice of such establishment or revision.\n\n( f ) Agency Rules.In order to carry out the provisions of this section, each agency that maintains a system of records shall promulgate rules, in accordance with the requirements ( including general notice ) of section 553 of this title, which shall ( 1 ) establish procedures whereby an individual can be notified in response to his request if any system of records named by the individual contains a record pertaining to him ; ( 2 ) define reasonable times, places, and requirements for identifying an individual who requests his record or information pertaining to him before the agency shall make the record or information available to the individual ; ( 3 ) establish procedures for the disclosure to an individual upon his request of his record or information pertaining to him, including special procedure, if deemed necessary, for the disclosure to an individual of medical records, including psychological records, pertaining to him ; ( 4 ) establish procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to the individual, for making a determination on the request, for an appeal within the agency of an initial adverse agency determination, and for whatever additional means may be necessary for each individual to be able to exercise fully his rights under this section; and ( 5 ) establish fees to be charged, if any, to any individual for making copies of his record, excluding the cost of any search for and review of the record.\n\nThe Office of the Federal Register shall biennially compile and publish the rules promulgated under this subsection and agency notices published under subsection ( e ) ( 4 ) of this section in a form available to the public at low cost.\n\n( g ) ( 1 ) Civil Remedies.Whenever any agency ( A ) makes a determination under subsection ( d ) ( 3 ) of this section not to amend an individuals record in accordance with his request, or fails to make such review in conformity with that subsection ; ( B ) refuses to comply with an individual request under subsection ( d ) ( 1 ) of this section ; ( C ) fails to maintain any record concerning any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relating to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such record, and consequently a determination is made which is adverse to the individual ; or ( D ) fails to comply with any other provision of this section, or any rule promulgated thereunder, in such a way as to have an adverse effect on an individual, the individual may bring a civil action against the agency, and the district courts of the United States shall have jurisdiction in the matters under the provisions of this subsection.\n\n( 2 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( A ) of this section, the court may order the agency to amend the individuals record in accordance with his request or in such other way as the court may direct. In such a case the court shall determine the matter de novo.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 3 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( B ) of this section, the court may enjoin the agency from withholding the records and order the production to the complainant of any agency records improperly withheld from him. In such a case the court shall determine the matter de novo, and may examine the contents of any agency records in camera to determine whether the records or any portion thereof may be withheld under any of the exemptions set forth in subsection ( k ) of this section, and the burden is on the agency to sustain its action.","date_sent_to_company":"2023-09-08T23:04:00.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"18702","tags":null,"has_narrative":true,"complaint_id":"7521743","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2023-09-08T23:03:56.000Z","state":"PA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of <em>intercepting</em> a tax refund due an individual under any other tax refund <em>intercept</em> program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches"]},"sort":[4.5467515,"7521743"]},{"_index":"complaint-public-v1","_id":"7508435","_score":4.5467515,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I have asked this company to show me proof that I gave them written instructions to report the information on the attached dispute letter and they have not provided it. Instead they decided to keep reporting this information against my authorization. The following laws were broken by these agencies ; 15 U.S. Code 1681a - Definitions ; rules of construction ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control ; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ; ( B ) any authorization or approval of a specific extension of credit directly or indirectly by the issuer of a credit card or similar device ; ( C ) any report in which a person who has been requested by a third party to make a specific extension of credit directly or indirectly to a consumer conveys his or her decision with respect to such request, if the third party advises the consumer of the name and address of the person to whom the request was made, and such person makes the disclosures to the consumer required under section 1681m of this title ; or ( D ) a communication described in subsection ( o ) or ( x ). [ 1 ] ( 3 ) Restriction on sharing of medical information.Except for information or any communication of information disclosed as provided in section 1681b ( g ) ( 3 ) of this title, the exclusions in paragraph ( 2 ) shall not apply with respect to information disclosed to any person related by common ownership or affiliated by corporate control, if the information is ( A ) medical information ; ( B ) an individualized list or description based on the payment transactions of the consumer for medical products or services ; or ( C ) an aggregate list of identified consumers based on payment transactions for medical products or services.\n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n( 2 ) Exception This subsection shall not prevent a financial institution from providing nonpublic personal information to a nonaffiliated third party to perform services for or functions on behalf of the financial institution, including marketing of the financial institutions own products or services, or financial products or services offered pursuant to joint agreements between two or more financial institutions that comply with the requirements imposed by the regulations prescribed under section 6804 of this title, if the financial institution fully discloses the providing of such information and enters into a contractual agreement with the third party that requires the third party to maintain the confidentiality of such information.\n\n( c ) Limits on reuse of information Except as otherwise provided in this subchapter, a nonaffiliated third party that receives from a financial institution nonpublic personal information under this section shall not, directly or through an affiliate of such receiving third party, disclose such information to any other person that is a nonaffiliated third party of both the financial institution and such receiving third party, unless such disclosure would be lawful if made directly to such other person by the financial institution.\n\n( d ) Limitations on the sharing of account number information for marketing purposes A financial institution shall not disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a credit card account, deposit account, or transaction account of a consumer to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer.\n\n( e ) General exceptions Subsections ( a ) and ( b ) shall not prohibit the disclosure of nonpublic personal information ( 1 ) as necessary to effect, administer, or enforce a transaction requested or authorized by the consumer, or in connection with ( A ) servicing or processing a financial product or service requested or authorized by the consumer ; ( B ) maintaining or servicing the consumers account with the financial institution, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity ; or ( C ) a proposed or actual securitization, secondary market sale ( including sales of servicing rights ), or similar transaction related to a transaction of the consumer ; ( 2 ) with the consent or at the direction of the consumer ; ( 3 ) ( A ) to protect the confidentiality or security of the financial institutions records pertaining to the consumer, the service or product, or the transaction therein ; ( B ) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability ; ( C ) for required institutional risk control, or for resolving customer disputes or inquiries ; ( D ) to persons holding a legal or beneficial interest relating to the consumer ; or ( E ) to persons acting in a fiduciary or representative capacity on behalf of the consumer ; ( 4 ) to provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the financial institution, persons assessing the institutions compliance with industry standards, and the institutions attorneys, accountants, and auditors ; ( 5 ) to the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act of 1978 [ 12 U.S.C. 3401 et seq. ], to law enforcement agencies ( including the Bureau of Consumer Financial Protection [ 1 ] a Federal functional regulator, the Secretary of the Treasury with respect to subchapter II of chapter 53 of title 31, and chapter 2 of title I of Public Law 91508 ( 12 U.S.C. 19511959 ), a State insurance authority, or the Federal Trade Commission ), self-regulatory organizations, or for an investigation on a matter related to public safety ; ( 6 ) ( A ) to a consumer reporting agency in accordance with the Fair Credit Reporting Act [ 15 U.S.C. 1681 et seq. ], or ( B ) from a consumer report reported by a consumer reporting agency ; ( 7 ) in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal information concerns solely consumers of such business or unit; or ( 8 ) to comply with Federal, State, or local laws, rules, and other applicable legal requirements ; to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State, or local authorities ; or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law.\n\n15 U.S. Code 1681b - Permissible purposes of consumer reports ( a ) In general Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, a subpoena issued in connection with proceedings before a Federal grand jury, or a subpoena issued in accordance with section 5318 of title 31 or section 3486 of title 18.\n\n( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 1681e - Compliance procedures ( a ) Identity and purposes of credit users Every consumer reporting agency shall maintain reasonable procedures designed to avoid violations of section 1681c of this title and to limit the furnishing of consumer reports to the purposes listed under section 1681b of this title. These procedures shall require that prospective users of the information identify themselves, certify the purposes for which the information is sought, and certify that the information will be used for no other purpose. Every consumer reporting agency shall make a reasonable effort to verify the identity of a new prospective user and the uses certified by such prospective user prior to furnishing such user a consumer report. No consumer reporting agency may furnish a consumer report to any person if it has reasonable grounds for believing that the consumer report will not be used for a purpose listed in section 1681b of this title.\n\n( b ) Accuracy of report Whenever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates.\n\n5 U.S. Code 552a - Records maintained on individuals ( a ) Definitions.For purposes of this section ( 1 ) the term agency means agency as defined in section 552 ( e ) [ 1 ] of this title ; ( 2 ) the term individual means a citizen of the United States or an alien lawfully admitted for permanent residence ; ( 3 ) the term maintain includes maintain, collect, use, or disseminate ; ( 4 ) the term record means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph ; ( 5 ) the term system of records means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual ; ( 6 ) the term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable individual, except as provided by section 8 of title 13 ; ( 7 ) the term routine use means, with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected ; ( 8 ) the term matching program ( A ) means any computerized comparison of ( i ) two or more automated systems of records or a system of records with non-Federal records for the purpose of ( I ) establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or ( II ) recouping payments or delinquent debts under such Federal benefit programs, or ( ii ) two or more automated Federal personnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records, ( B ) but does not include ( i ) matches performed to produce aggregate statistical data without any personal identifiers ; ( ii ) matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals ; ( iii ) matches performed, by an agency ( or component thereof ) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons ; ( iv ) matches of tax information ( I ) pursuant to section 6103 ( d ) of the Internal Revenue Code of 1986, ( II ) for purposes of tax administration as defined in section 6103 ( b ) ( 4 ) of such Code, ( III ) for the purpose of intercepting a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches ( I ) using records predominantly relating to Federal personnel, that are performed for routine administrative purposes ( subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection ( v ) ) ; or ( II ) conducted by an agency using only records from systems of records maintained by that agency ; if the purpose of the match is not to take any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel ; ( vi ) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel ; ( vii ) matches performed incident to a levy described in section 6103 ( k ) ( 8 ) of the Internal Revenue Code of 1986 ; ( viii ) matches performed pursuant to section 202 ( x ) ( 3 ) or 1611 ( e ) ( 1 ) of the Social Security Act ( 42 U.S.C. 402 ( x ) ( 3 ), 1382 ( e ) ( 1 ) ) ; ( ix ) matches performed by the Secretary of Health and Human Services or the Inspector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, including matches of a system of records with non-Federal records ; or ( x ) matches performed pursuant to section 3 ( d ) ( 4 ) of the Achieving a Better Life Experience Act of 2014 ; 1 ( 9 ) the term recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program ; ( 10 ) the term non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program ; ( 11 ) the term source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program ; ( 12 ) the term Federal benefit program means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government, providing cash or in-kind assistance in the form of payments, grants, loans, or loan guarantees to individuals ; and ( 13 ) the term Federal personnel means officers and employees of the Government of the United States , members of the uniformed services ( including members of the Reserve Components ), individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States ( including survivor benefits ).\n\n( b ) Conditions of Disclosure.No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be ( 1 ) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties; ( 2 ) required under section 552 of this title ; ( 3 ) for a routine use as defined in subsection ( a ) ( 7 ) of this section and described under subsection ( e ) ( 4 ) ( D ) of this section ; ( 4 ) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 ; ( 5 ) to a recipient who has provided the agency with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable ; ( 6 ) to the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value ; ( 7 ) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought ; ( 8 ) to a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual ; ( 9 ) to either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee ; ( 10 ) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Government Accountability Office ; ( 11 ) pursuant to the order of a court of competent jurisdiction ; or ( 12 ) to a consumer reporting agency in accordance with section 3711 ( e ) of title 31.\n\n( c ) Accounting of Certain Disclosures.Each agency, with respect to each system of records under its control, shall ( 1 ) except for disclosures made under subsections ( b ) ( 1 ) or ( b ) ( 2 ) of this section, keep an accurate accounting of ( A ) the date, nature, and purpose of each disclosure of a record to any person or to another agency made under subsection ( b ) of this section; and ( B ) the name and address of the person or agency to whom the disclosure is made ; ( 2 ) retain the accounting made under paragraph ( 1 ) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made ; ( 3 ) except for disclosures made under subsection ( b ) ( 7 ) of this section, make the accounting made under paragraph ( 1 ) of this subsection available to the individual named in the record at his request; and ( 4 ) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection ( d ) of this section of any record that has been disclosed to the person or agency if an accounting of the disclosure was made.\n\n( d ) Access to Records.Each agency that maintains a system of records shall ( 1 ) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individuals record in the accompanying persons presence ; ( 2 ) permit the individual to request amendment of a record pertaining to him and ( A ) not later than 10 days ( excluding Saturdays, Sundays, and legal public holidays ) after the date of receipt of such request, acknowledge in writing such receipt ; and ( B ) promptly, either ( i ) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete ; or ( ii ) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official ; ( 3 ) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days ( excluding Saturdays, Sundays, and legal public holidays ) from the date on which the individual requests such review, complete such review and make a final determination unless, for good cause shown, the head of the agency extends such 30-day period ; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the individual of the provisions for judicial review of the reviewing officials determination under subsection ( g ) ( 1 ) ( A ) of this section ; ( 4 ) in any disclosure, containing information about which the individual has filed a statement of disagreement, occurring after the filing of the statement under paragraph ( 3 ) of this subsection, clearly note any portion of the record which is disputed and provide copies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed ; and ( 5 ) nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.\n\n( e ) Agency Requirements.Each agency that maintains a system of records shall ( 1 ) maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the President ; ( 2 ) collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individuals rights, benefits, and privileges under Federal programs ; ( 3 ) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual ( A ) the authority ( whether granted by statute, or by executive order of the President ) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary ; ( B ) the principal purpose or purposes for which the information is intended to be used ; ( C ) the routine uses which may be made of the information, as published pursuant to paragraph ( 4 ) ( D ) of this subsection ; and ( D ) the effects on him, if any, of not providing all or any part of the requested information ; ( 4 ) subject to the provisions of paragraph ( 11 ) of this subsection, publish in the Federal Register upon establishment or revision a notice of the existence and character of the system of records, which notice shall include ( A ) the name and location of the system ; ( B ) the categories of individuals on whom records are maintained in the system ; ( C ) the categories of records maintained in the system ; ( D ) each routine use of the records contained in the system, including the categories of users and the purpose of such use ; ( E ) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records ; ( F ) the title and business address of the agency official who is responsible for the system of records ; ( G ) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him ; ( H ) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content ; and ( I ) the categories of sources of records in the system ; ( 5 ) maintain all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination ; ( 6 ) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to subsection ( b ) ( 2 ) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes ; ( 7 ) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity ; ( 8 ) make reasonable efforts to serve notice on an individual when any record on such individual is made available to any person under compulsory legal process when such process becomes a matter of public record ; ( 9 ) establish rules of conduct for persons involved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for noncompliance ; ( 10 ) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained ; ( 11 ) at least 30 days prior to publication of information under paragraph ( 4 ) ( D ) of this subsection, publish in the Federal Register notice of any new use or intended use of the information in the system, and provide an opportunity for interested persons to submit written data, views, or arguments to the agency ; and ( 12 ) if such agency is a recipient agency or a source agency in a matching program with a non-Federal agency, with respect to any establishment or revision of a matching program, at least 30 days prior to conducting such program, publish in the Federal Register notice of such establishment or revision.\n\n( f ) Agency Rules.In order to carry out the provisions of this section, each agency that maintains a system of records shall promulgate rules, in accordance with the requirements ( including general notice ) of section 553 of this title, which shall ( 1 ) establish procedures whereby an individual can be notified in response to his request if any system of records named by the individual contains a record pertaining to him ; ( 2 ) define reasonable times, places, and requirements for identifying an individual who requests his record or information pertaining to him before the agency shall make the record or information available to the individual ; ( 3 ) establish procedures for the disclosure to an individual upon his request of his record or information pertaining to him, including special procedure, if deemed necessary, for the disclosure to an individual of medical records, including psychological records, pertaining to him ; ( 4 ) establish procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to the individual, for making a determination on the request, for an appeal within the agency of an initial adverse agency determination, and for whatever additional means may be necessary for each individual to be able to exercise fully his rights under this section; and ( 5 ) establish fees to be charged, if any, to any individual for making copies of his record, excluding the cost of any search for and review of the record.\n\nThe Office of the Federal Register shall biennially compile and publish the rules promulgated under this subsection and agency notices published under subsection ( e ) ( 4 ) of this section in a form available to the public at low cost.\n\n( g ) ( 1 ) Civil Remedies.Whenever any agency ( A ) makes a determination under subsection ( d ) ( 3 ) of this section not to amend an individuals record in accordance with his request, or fails to make such review in conformity with that subsection ; ( B ) refuses to comply with an individual request under subsection ( d ) ( 1 ) of this section ; ( C ) fails to maintain any record concerning any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relating to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such record, and consequently a determination is made which is adverse to the individual ; or ( D ) fails to comply with any other provision of this section, or any rule promulgated thereunder, in such a way as to have an adverse effect on an individual, the individual may bring a civil action against the agency, and the district courts of the United States shall have jurisdiction in the matters under the provisions of this subsection.\n\n( 2 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( A ) of this section, the court may order the agency to amend the individuals record in accordance with his request or in such other way as the court may direct. In such a case the court shall determine the matter de novo.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 3 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( B ) of this section, the court may enjoin the agency from withholding the records and order the production to the complainant of any agency records improperly withheld from him. In such a case the court shall determine the matter de novo, and may examine the contents of any agency records in camera to determine whether the records or any portion thereof may be withheld under any of the exemptions set forth in subsection ( k ) of this section, and the burden is on the agency to sustain its action.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.","date_sent_to_company":"2023-09-07T01:42:36.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"18201","tags":null,"has_narrative":true,"complaint_id":"7508435","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2023-09-07T01:42:31.000Z","state":"PA","company_public_response":null,"sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of <em>intercepting</em> a tax refund due an individual under any other tax refund <em>intercept</em> program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches"]},"sort":[4.5467515,"7508435"]},{"_index":"complaint-public-v1","_id":"7497818","_score":4.5467515,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I have asked this company to show me proof that I gave them written instructions to report the information on the attached dispute letter and they \" verified it ''. Additionally I requested that they removed that information and it was denied. They have broken the following federal laws. \n\n15 U.S. Code 1681a - Definitions ; rules of construction ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control ; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ; ( B ) any authorization or approval of a specific extension of credit directly or indirectly by the issuer of a credit card or similar device ; ( C ) any report in which a person who has been requested by a third party to make a specific extension of credit directly or indirectly to a consumer conveys his or her decision with respect to such request, if the third party advises the consumer of the name and address of the person to whom the request was made, and such person makes the disclosures to the consumer required under section 1681m of this title ; or ( D ) a communication described in subsection ( o ) or ( x ). [ 1 ] ( 3 ) Restriction on sharing of medical information.Except for information or any communication of information disclosed as provided in section 1681b ( g ) ( 3 ) of this title, the exclusions in paragraph ( 2 ) shall not apply with respect to information disclosed to any person related by common ownership or affiliated by corporate control, if the information is ( A ) medical information ; ( B ) an individualized list or description based on the payment transactions of the consumer for medical products or services ; or ( C ) an aggregate list of identified consumers based on payment transactions for medical products or services.\n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n( 2 ) Exception This subsection shall not prevent a financial institution from providing nonpublic personal information to a nonaffiliated third party to perform services for or functions on behalf of the financial institution, including marketing of the financial institutions own products or services, or financial products or services offered pursuant to joint agreements between two or more financial institutions that comply with the requirements imposed by the regulations prescribed under section 6804 of this title, if the financial institution fully discloses the providing of such information and enters into a contractual agreement with the third party that requires the third party to maintain the confidentiality of such information. \n\n( c ) Limits on reuse of information Except as otherwise provided in this subchapter, a nonaffiliated third party that receives from a financial institution nonpublic personal information under this section shall not, directly or through an affiliate of such receiving third party, disclose such information to any other person that is a nonaffiliated third party of both the financial institution and such receiving third party, unless such disclosure would be lawful if made directly to such other person by the financial institution. \n\n( d ) Limitations on the sharing of account number information for marketing purposes A financial institution shall not disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a credit card account, deposit account, or transaction account of a consumer to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer. \n\n( e ) General exceptions Subsections ( a ) and ( b ) shall not prohibit the disclosure of nonpublic personal information ( 1 ) as necessary to effect, administer, or enforce a transaction requested or authorized by the consumer, or in connection with ( A ) servicing or processing a financial product or service requested or authorized by the consumer ; ( B ) maintaining or servicing the consumers account with the financial institution, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity ; or ( C ) a proposed or actual securitization, secondary market sale ( including sales of servicing rights ), or similar transaction related to a transaction of the consumer ; ( 2 ) with the consent or at the direction of the consumer ; ( 3 ) ( A ) to protect the confidentiality or security of the financial institutions records pertaining to the consumer, the service or product, or the transaction therein ; ( B ) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability ; ( C ) for required institutional risk control, or for resolving customer disputes or inquiries ; ( D ) to persons holding a legal or beneficial interest relating to the consumer ; or ( E ) to persons acting in a fiduciary or representative capacity on behalf of the consumer ; ( 4 ) to provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the financial institution, persons assessing the institutions compliance with industry standards, and the institutions attorneys, accountants, and auditors ; ( 5 ) to the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act of 1978 [ 12 U.S.C. 3401 et seq. ], to law enforcement agencies ( including the Bureau of Consumer Financial Protection [ 1 ] a Federal functional regulator, the Secretary of the Treasury with respect to subchapter II of chapter 53 of title 31, and chapter 2 of title I of Public Law 91508 ( 12 U.S.C. 19511959 ), a State insurance authority, or the Federal Trade Commission ), self-regulatory organizations, or for an investigation on a matter related to public safety ; ( 6 ) ( A ) to a consumer reporting agency in accordance with the Fair Credit Reporting Act [ 15 U.S.C. 1681 et seq. ], or ( B ) from a consumer report reported by a consumer reporting agency ; ( 7 ) in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal information concerns solely consumers of such business or unit; or ( 8 ) to comply with Federal, State, or local laws, rules, and other applicable legal requirements ; to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State, or local authorities ; or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law. \n\n15 U.S. Code 1681b - Permissible purposes of consumer reports ( a ) In general Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, a subpoena issued in connection with proceedings before a Federal grand jury, or a subpoena issued in accordance with section 5318 of title 31 or section 3486 of title 18.\n\n( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 1681e - Compliance procedures ( a ) Identity and purposes of credit users Every consumer reporting agency shall maintain reasonable procedures designed to avoid violations of section 1681c of this title and to limit the furnishing of consumer reports to the purposes listed under section 1681b of this title. These procedures shall require that prospective users of the information identify themselves, certify the purposes for which the information is sought, and certify that the information will be used for no other purpose. Every consumer reporting agency shall make a reasonable effort to verify the identity of a new prospective user and the uses certified by such prospective user prior to furnishing such user a consumer report. No consumer reporting agency may furnish a consumer report to any person if it has reasonable grounds for believing that the consumer report will not be used for a purpose listed in section 1681b of this title.\n\n( b ) Accuracy of report Whenever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates.\n\n5 U.S. Code 552a - Records maintained on individuals ( a ) Definitions.For purposes of this section ( 1 ) the term agency means agency as defined in section 552 ( e ) [ 1 ] of this title ; ( 2 ) the term individual means a citizen of the United States or an alien lawfully admitted for permanent residence ; ( 3 ) the term maintain includes maintain, collect, use, or disseminate ; ( 4 ) the term record means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph ; ( 5 ) the term system of records means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual ; ( 6 ) the term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable individual, except as provided by section 8 of title 13 ; ( 7 ) the term routine use means, with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected ; ( 8 ) the term matching program ( A ) means any computerized comparison of ( i ) two or more automated systems of records or a system of records with non-Federal records for the purpose of ( I ) establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or ( II ) recouping payments or delinquent debts under such Federal benefit programs, or ( ii ) two or more automated Federal personnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records, ( B ) but does not include ( i ) matches performed to produce aggregate statistical data without any personal identifiers ; ( ii ) matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals ; ( iii ) matches performed, by an agency ( or component thereof ) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons ; ( iv ) matches of tax information ( I ) pursuant to section 6103 ( d ) of the Internal Revenue Code of 1986, ( II ) for purposes of tax administration as defined in section 6103 ( b ) ( 4 ) of such Code, ( III ) for the purpose of intercepting a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches ( I ) using records predominantly relating to Federal personnel, that are performed for routine administrative purposes ( subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection ( v ) ) ; or ( II ) conducted by an agency using only records from systems of records maintained by that agency ; if the purpose of the match is not to take any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel ; ( vi ) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel ; ( vii ) matches performed incident to a levy described in section 6103 ( k ) ( 8 ) of the Internal Revenue Code of 1986 ; ( viii ) matches performed pursuant to section 202 ( x ) ( 3 ) or 1611 ( e ) ( 1 ) of the Social Security Act ( 42 U.S.C. 402 ( x ) ( 3 ), 1382 ( e ) ( 1 ) ) ; ( ix ) matches performed by the Secretary of Health and Human Services or the Inspector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, including matches of a system of records with non-Federal records ; or ( x ) matches performed pursuant to section 3 ( d ) ( 4 ) of the Achieving a Better Life Experience Act of 2014 ; 1 ( 9 ) the term recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program ; ( 10 ) the term non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program ; ( 11 ) the term source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program ; ( 12 ) the term Federal benefit program means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government, providing cash or in-kind assistance in the form of payments, grants, loans, or loan guarantees to individuals ; and ( 13 ) the term Federal personnel means officers and employees of the Government of the United States , members of the uniformed services ( including members of the Reserve Components ), individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States ( including survivor benefits ).\n\n( b ) Conditions of Disclosure.No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be ( 1 ) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties; ( 2 ) required under section 552 of this title ; ( 3 ) for a routine use as defined in subsection ( a ) ( 7 ) of this section and described under subsection ( e ) ( 4 ) ( D ) of this section ; ( 4 ) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 ; ( 5 ) to a recipient who has provided the agency with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable ; ( 6 ) to the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value ; ( 7 ) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought ; ( 8 ) to a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual ; ( 9 ) to either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee ; ( 10 ) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Government Accountability Office ; ( 11 ) pursuant to the order of a court of competent jurisdiction ; or ( 12 ) to a consumer reporting agency in accordance with section 3711 ( e ) of title 31.\n\n( c ) Accounting of Certain Disclosures.Each agency, with respect to each system of records under its control, shall ( 1 ) except for disclosures made under subsections ( b ) ( 1 ) or ( b ) ( 2 ) of this section, keep an accurate accounting of ( A ) the date, nature, and purpose of each disclosure of a record to any person or to another agency made under subsection ( b ) of this section; and ( B ) the name and address of the person or agency to whom the disclosure is made ; ( 2 ) retain the accounting made under paragraph ( 1 ) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made ; ( 3 ) except for disclosures made under subsection ( b ) ( 7 ) of this section, make the accounting made under paragraph ( 1 ) of this subsection available to the individual named in the record at his request; and ( 4 ) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection ( d ) of this section of any record that has been disclosed to the person or agency if an accounting of the disclosure was made.\n\n( d ) Access to Records.Each agency that maintains a system of records shall ( 1 ) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individuals record in the accompanying persons presence ; ( 2 ) permit the individual to request amendment of a record pertaining to him and ( A ) not later than 10 days ( excluding Saturdays, Sundays, and legal public holidays ) after the date of receipt of such request, acknowledge in writing such receipt ; and ( B ) promptly, either ( i ) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete ; or ( ii ) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official ; ( 3 ) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days ( excluding Saturdays, Sundays, and legal public holidays ) from the date on which the individual requests such review, complete such review and make a final determination unless, for good cause shown, the head of the agency extends such 30-day period ; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the individual of the provisions for judicial review of the reviewing officials determination under subsection ( g ) ( 1 ) ( A ) of this section ; ( 4 ) in any disclosure, containing information about which the individual has filed a statement of disagreement, occurring after the filing of the statement under paragraph ( 3 ) of this subsection, clearly note any portion of the record which is disputed and provide copies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed ; and ( 5 ) nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.\n\n( e ) Agency Requirements.Each agency that maintains a system of records shall ( 1 ) maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the President ; ( 2 ) collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individuals rights, benefits, and privileges under Federal programs ; ( 3 ) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual ( A ) the authority ( whether granted by statute, or by executive order of the President ) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary ; ( B ) the principal purpose or purposes for which the information is intended to be used ; ( C ) the routine uses which may be made of the information, as published pursuant to paragraph ( 4 ) ( D ) of this subsection ; and ( D ) the effects on him, if any, of not providing all or any part of the requested information ; ( 4 ) subject to the provisions of paragraph ( 11 ) of this subsection, publish in the Federal Register upon establishment or revision a notice of the existence and character of the system of records, which notice shall include ( A ) the name and location of the system ; ( B ) the categories of individuals on whom records are maintained in the system ; ( C ) the categories of records maintained in the system ; ( D ) each routine use of the records contained in the system, including the categories of users and the purpose of such use ; ( E ) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records ; ( F ) the title and business address of the agency official who is responsible for the system of records ; ( G ) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him ; ( H ) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content ; and ( I ) the categories of sources of records in the system ; ( 5 ) maintain all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination ; ( 6 ) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to subsection ( b ) ( 2 ) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes ; ( 7 ) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity ; ( 8 ) make reasonable efforts to serve notice on an individual when any record on such individual is made available to any person under compulsory legal process when such process becomes a matter of public record ; ( 9 ) establish rules of conduct for persons involved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for noncompliance ; ( 10 ) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained ; ( 11 ) at least 30 days prior to publication of information under paragraph ( 4 ) ( D ) of this subsection, publish in the Federal Register notice of any new use or intended use of the information in the system, and provide an opportunity for interested persons to submit written data, views, or arguments to the agency ; and ( 12 ) if such agency is a recipient agency or a source agency in a matching program with a non-Federal agency, with respect to any establishment or revision of a matching program, at least 30 days prior to conducting such program, publish in the Federal Register notice of such establishment or revision.\n\n( f ) Agency Rules.In order to carry out the provisions of this section, each agency that maintains a system of records shall promulgate rules, in accordance with the requirements ( including general notice ) of section 553 of this title, which shall ( 1 ) establish procedures whereby an individual can be notified in response to his request if any system of records named by the individual contains a record pertaining to him ; ( 2 ) define reasonable times, places, and requirements for identifying an individual who requests his record or information pertaining to him before the agency shall make the record or information available to the individual ; ( 3 ) establish procedures for the disclosure to an individual upon his request of his record or information pertaining to him, including special procedure, if deemed necessary, for the disclosure to an individual of medical records, including psychological records, pertaining to him ; ( 4 ) establish procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to the individual, for making a determination on the request, for an appeal within the agency of an initial adverse agency determination, and for whatever additional means may be necessary for each individual to be able to exercise fully his rights under this section; and ( 5 ) establish fees to be charged, if any, to any individual for making copies of his record, excluding the cost of any search for and review of the record.\n\nThe Office of the Federal Register shall biennially compile and publish the rules promulgated under this subsection and agency notices published under subsection ( e ) ( 4 ) of this section in a form available to the public at low cost.\n\n( g ) ( 1 ) Civil Remedies.Whenever any agency ( A ) makes a determination under subsection ( d ) ( 3 ) of this section not to amend an individuals record in accordance with his request, or fails to make such review in conformity with that subsection ; ( B ) refuses to comply with an individual request under subsection ( d ) ( 1 ) of this section ; ( C ) fails to maintain any record concerning any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relating to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such record, and consequently a determination is made which is adverse to the individual ; or ( D ) fails to comply with any other provision of this section, or any rule promulgated thereunder, in such a way as to have an adverse effect on an individual, the individual may bring a civil action against the agency, and the district courts of the United States shall have jurisdiction in the matters under the provisions of this subsection.\n\n( 2 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( A ) of this section, the court may order the agency to amend the individuals record in accordance with his request or in such other way as the court may direct. In such a case the court shall determine the matter de novo.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 3 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( B ) of this section, the court may enjoin the agency from withholding the records and order the production to the complainant of any agency records improperly withheld from him. In such a case the court shall determine the matter de novo, and may examine the contents of any agency records in camera to determine whether the records or any portion thereof may be withheld under any of the exemptions set forth in subsection ( k ) of this section, and the burden is on the agency to sustain its action.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 4 ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( C ) or ( D ) of this section in which the court determines that the agency acted in a manner which was intentional or willful, the United States shall be liable to the individual in an amount equal to the sum of ( A ) actual damages sustained by the individual as a result","date_sent_to_company":"2023-09-05T01:12:48.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"18201","tags":null,"has_narrative":true,"complaint_id":"7497818","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2023-09-05T00:56:44.000Z","state":"PA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of <em>intercepting</em> a tax refund due an individual under any other tax refund <em>intercept</em> program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches"]},"sort":[4.5467515,"7497818"]},{"_index":"complaint-public-v1","_id":"7521754","_score":4.5060616,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I have asked this company to show me proof that I gave them written instructions to report the information on the attached dispute letter and they did not provide. Additionally I requested that they removed that information and it was denied. XXXX honored my request and respected my right to privacy per privacy act of 1974 however XXXX and Transunion did not. They have broken the following federal laws. \n\n15 U.S. Code 1681a - Definitions ; rules of construction ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control ; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ; ( B ) any authorization or approval of a specific extension of credit directly or indirectly by the issuer of a credit card or similar device ; ( C ) any report in which a person who has been requested by a third party to make a specific extension of credit directly or indirectly to a consumer conveys his or her decision with respect to such request, if the third party advises the consumer of the name and address of the person to whom the request was made, and such person makes the disclosures to the consumer required under section 1681m of this title ; or ( D ) a communication described in subsection ( o ) or ( x ). [ 1 ] ( 3 ) Restriction on sharing of medical information.Except for information or any communication of information disclosed as provided in section 1681b ( g ) ( 3 ) of this title, the exclusions in paragraph ( 2 ) shall not apply with respect to information disclosed to any person related by common ownership or affiliated by corporate control, if the information is ( A ) medical information ; ( B ) an individualized list or description based on the payment transactions of the consumer for medical products or services ; or ( C ) an aggregate list of identified consumers based on payment transactions for medical products or services. \n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. \n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n( 2 ) Exception This subsection shall not prevent a financial institution from providing nonpublic personal information to a nonaffiliated third party to perform services for or functions on behalf of the financial institution, including marketing of the financial institutions own products or services, or financial products or services offered pursuant to joint agreements between two or more financial institutions that comply with the requirements imposed by the regulations prescribed under section 6804 of this title, if the financial institution fully discloses the providing of such information and enters into a contractual agreement with the third party that requires the third party to maintain the confidentiality of such information.\n\n( c ) Limits on reuse of information Except as otherwise provided in this subchapter, a nonaffiliated third party that receives from a financial institution nonpublic personal information under this section shall not, directly or through an affiliate of such receiving third party, disclose such information to any other person that is a nonaffiliated third party of both the financial institution and such receiving third party, unless such disclosure would be lawful if made directly to such other person by the financial institution.\n\n( d ) Limitations on the sharing of account number information for marketing purposes A financial institution shall not disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a credit card account, deposit account, or transaction account of a consumer to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer.\n\n( e ) General exceptions Subsections ( a ) and ( b ) shall not prohibit the disclosure of nonpublic personal information ( 1 ) as necessary to effect, administer, or enforce a transaction requested or authorized by the consumer, or in connection with ( A ) servicing or processing a financial product or service requested or authorized by the consumer ; ( B ) maintaining or servicing the consumers account with the financial institution, or with another entity as part of a private label credit card program or other extension of credit on behalf of such entity ; or ( C ) a proposed or actual securitization, secondary market sale ( including sales of servicing rights ), or similar transaction related to a transaction of the consumer ; ( 2 ) with the consent or at the direction of the consumer ; ( 3 ) ( A ) to protect the confidentiality or security of the financial institutions records pertaining to the consumer, the service or product, or the transaction therein ; ( B ) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability ; ( C ) for required institutional risk control, or for resolving customer disputes or inquiries ; ( D ) to persons holding a legal or beneficial interest relating to the consumer ; or ( E ) to persons acting in a fiduciary or representative capacity on behalf of the consumer ; ( 4 ) to provide information to insurance rate advisory organizations, guaranty funds or agencies, applicable rating agencies of the financial institution, persons assessing the institutions compliance with industry standards, and the institutions attorneys, accountants, and auditors ; ( 5 ) to the extent specifically permitted or required under other provisions of law and in accordance with the Right to Financial Privacy Act of 1978 [ 12 U.S.C. 3401 et seq. ], to law enforcement agencies ( including the Bureau of Consumer Financial Protection [ 1 ] a Federal functional regulator, the Secretary of the Treasury with respect to subchapter II of chapter 53 of title 31, and chapter 2 of title I of Public Law 91508 ( 12 U.S.C. 19511959 ), a State insurance authority, or the Federal Trade Commission ), self-regulatory organizations, or for an investigation on a matter related to public safety ; ( 6 ) ( A ) to a consumer reporting agency in accordance with the Fair Credit Reporting Act [ 15 U.S.C. 1681 et seq. ], or ( B ) from a consumer report reported by a consumer reporting agency ; ( 7 ) in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit if the disclosure of nonpublic personal information concerns solely consumers of such business or unit; or ( 8 ) to comply with Federal, State, or local laws, rules, and other applicable legal requirements ; to comply with a properly authorized civil, criminal, or regulatory investigation or subpoena or summons by Federal, State, or local authorities ; or to respond to judicial process or government regulatory authorities having jurisdiction over the financial institution for examination, compliance, or other purposes as authorized by law. \n\n15 U.S. Code 1681b - Permissible purposes of consumer reports ( a ) In general Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, a subpoena issued in connection with proceedings before a Federal grand jury, or a subpoena issued in accordance with section 5318 of title 31 or section 3486 of title 18. \n( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 1681e - Compliance procedures ( a ) Identity and purposes of credit users Every consumer reporting agency shall maintain reasonable procedures designed to avoid violations of section 1681c of this title and to limit the furnishing of consumer reports to the purposes listed under section 1681b of this title. These procedures shall require that prospective users of the information identify themselves, certify the purposes for which the information is sought, and certify that the information will be used for no other purpose. Every consumer reporting agency shall make a reasonable effort to verify the identity of a new prospective user and the uses certified by such prospective user prior to furnishing such user a consumer report. No consumer reporting agency may furnish a consumer report to any person if it has reasonable grounds for believing that the consumer report will not be used for a purpose listed in section 1681b of this title.\n\n( b ) Accuracy of report Whenever a consumer reporting agency prepares a consumer report it shall follow reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates. \n\n5 U.S. Code 552a - Records maintained on individuals ( a ) Definitions.For purposes of this section ( 1 ) the term agency means agency as defined in section 552 ( e ) [ 1 ] of this title ; ( 2 ) the term individual means a citizen of the United States or an alien lawfully admitted for permanent residence ; ( 3 ) the term maintain includes maintain, collect, use, or disseminate ; ( 4 ) the term record means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph ; ( 5 ) the term system of records means a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual ; ( 6 ) the term statistical record means a record in a system of records maintained for statistical research or reporting purposes only and not used in whole or in part in making any determination about an identifiable individual, except as provided by section 8 of title 13 ; ( 7 ) the term routine use means, with respect to the disclosure of a record, the use of such record for a purpose which is compatible with the purpose for which it was collected ; ( 8 ) the term matching program ( A ) means any computerized comparison of ( i ) two or more automated systems of records or a system of records with non-Federal records for the purpose of ( I ) establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or ( II ) recouping payments or delinquent debts under such Federal benefit programs, or ( ii ) two or more automated Federal personnel or payroll systems of records or a system of Federal personnel or payroll records with non-Federal records, ( B ) but does not include ( i ) matches performed to produce aggregate statistical data without any personal identifiers ; ( ii ) matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals ; ( iii ) matches performed, by an agency ( or component thereof ) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons ; ( iv ) matches of tax information ( I ) pursuant to section 6103 ( d ) of the Internal Revenue Code of 1986, ( II ) for purposes of tax administration as defined in section 6103 ( b ) ( 4 ) of such Code, ( III ) for the purpose of intercepting a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of intercepting a tax refund due an individual under any other tax refund intercept program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches ( I ) using records predominantly relating to Federal personnel, that are performed for routine administrative purposes ( subject to guidance provided by the Director of the Office of Management and Budget pursuant to subsection ( v ) ) ; or ( II ) conducted by an agency using only records from systems of records maintained by that agency ; if the purpose of the match is not to take any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel ; ( vi ) matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel ; ( vii ) matches performed incident to a levy described in section 6103 ( k ) ( 8 ) of the Internal Revenue Code of 1986 ; ( viii ) matches performed pursuant to section 202 ( x ) ( 3 ) or 1611 ( e ) ( 1 ) of the Social Security Act ( 42 U.S.C. 402 ( x ) ( 3 ), 1382 ( e ) ( 1 ) ) ; ( ix ) matches performed by the Secretary of Health and Human Services or the Inspector General of the Department of Health and Human Services with respect to potential fraud, waste, and abuse, including matches of a system of records with non-Federal records ; or ( x ) matches performed pursuant to section 3 ( d ) ( 4 ) of the Achieving a Better Life Experience Act of 2014 ; 1 ( 9 ) the term recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program ; ( 10 ) the term non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program ; ( 11 ) the term source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program ; ( 12 ) the term Federal benefit program means any program administered or funded by the Federal Government, or by any agent or State on behalf of the Federal Government, providing cash or in-kind assistance in the form of payments, grants, loans, or loan guarantees to individuals ; and ( 13 ) the term Federal personnel means officers and employees of the Government of the United States , members of the uniformed services ( including members of the Reserve Components ), individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States ( including survivor benefits ).\n\n( b ) Conditions of Disclosure.No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be ( 1 ) to those officers and employees of the agency which maintains the record who have a need for the record in the performance of their duties; ( 2 ) required under section 552 of this title ; ( 3 ) for a routine use as defined in subsection ( a ) ( 7 ) of this section and described under subsection ( e ) ( 4 ) ( D ) of this section ; ( 4 ) to the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13 ; ( 5 ) to a recipient who has provided the agency with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable ; ( 6 ) to the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value ; ( 7 ) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought ; ( 8 ) to a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual ; ( 9 ) to either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee ; ( 10 ) to the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the Government Accountability Office ; ( 11 ) pursuant to the order of a court of competent jurisdiction ; or ( 12 ) to a consumer reporting agency in accordance with section 3711 ( e ) of title 31. \n( c ) Accounting of Certain Disclosures.Each agency, with respect to each system of records under its control, shall ( 1 ) except for disclosures made under subsections ( b ) ( 1 ) or ( b ) ( 2 ) of this section, keep an accurate accounting of ( A ) the date, nature, and purpose of each disclosure of a record to any person or to another agency made under subsection ( b ) of this section; and ( B ) the name and address of the person or agency to whom the disclosure is made ; ( 2 ) retain the accounting made under paragraph ( 1 ) of this subsection for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made ; ( 3 ) except for disclosures made under subsection ( b ) ( 7 ) of this section, make the accounting made under paragraph ( 1 ) of this subsection available to the individual named in the record at his request; and ( 4 ) inform any person or other agency about any correction or notation of dispute made by the agency in accordance with subsection ( d ) of this section of any record that has been disclosed to the person or agency if an accounting of the disclosure was made.\n\n( d ) Access to Records.Each agency that maintains a system of records shall ( 1 ) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individuals record in the accompanying persons presence ; ( 2 ) permit the individual to request amendment of a record pertaining to him and ( A ) not later than 10 days ( excluding Saturdays, Sundays, and legal public holidays ) after the date of receipt of such request, acknowledge in writing such receipt ; and ( B ) promptly, either ( i ) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete ; or ( ii ) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official ; ( 3 ) permit the individual who disagrees with the refusal of the agency to amend his record to request a review of such refusal, and not later than 30 days ( excluding Saturdays, Sundays, and legal public holidays ) from the date on which the individual requests such review, complete such review and make a final determination unless, for good cause shown, the head of the agency extends such 30-day period ; and if, after his review, the reviewing official also refuses to amend the record in accordance with the request, permit the individual to file with the agency a concise statement setting forth the reasons for his disagreement with the refusal of the agency, and notify the individual of the provisions for judicial review of the reviewing officials determination under subsection ( g ) ( 1 ) ( A ) of this section ; ( 4 ) in any disclosure, containing information about which the individual has filed a statement of disagreement, occurring after the filing of the statement under paragraph ( 3 ) of this subsection, clearly note any portion of the record which is disputed and provide copies of the statement and, if the agency deems it appropriate, copies of a concise statement of the reasons of the agency for not making the amendments requested, to persons or other agencies to whom the disputed record has been disclosed ; and ( 5 ) nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.\n\n( e ) Agency Requirements.Each agency that maintains a system of records shall ( 1 ) maintain in its records only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the President ; ( 2 ) collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individuals rights, benefits, and privileges under Federal programs ; ( 3 ) inform each individual whom it asks to supply information, on the form which it uses to collect the information or on a separate form that can be retained by the individual ( A ) the authority ( whether granted by statute, or by executive order of the President ) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary ; ( B ) the principal purpose or purposes for which the information is intended to be used ; ( C ) the routine uses which may be made of the information, as published pursuant to paragraph ( 4 ) ( D ) of this subsection ; and ( D ) the effects on him, if any, of not providing all or any part of the requested information ; ( 4 ) subject to the provisions of paragraph ( 11 ) of this subsection, publish in the Federal Register upon establishment or revision a notice of the existence and character of the system of records, which notice shall include ( A ) the name and location of the system ; ( B ) the categories of individuals on whom records are maintained in the system ; ( C ) the categories of records maintained in the system ; ( D ) each routine use of the records contained in the system, including the categories of users and the purpose of such use ; ( E ) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records ; ( F ) the title and business address of the agency official who is responsible for the system of records ; ( G ) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him ; ( H ) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records, and how he can contest its content ; and ( I ) the categories of sources of records in the system ; ( 5 ) maintain all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination ; ( 6 ) prior to disseminating any record about an individual to any person other than an agency, unless the dissemination is made pursuant to subsection ( b ) ( 2 ) of this section, make reasonable efforts to assure that such records are accurate, complete, timely, and relevant for agency purposes ; ( 7 ) maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity ; ( 8 ) make reasonable efforts to serve notice on an individual when any record on such individual is made available to any person under compulsory legal process when such process becomes a matter of public record ; ( 9 ) establish rules of conduct for persons involved in the design, development, operation, or maintenance of any system of records, or in maintaining any record, and instruct each such person with respect to such rules and the requirements of this section, including any other rules and procedures adopted pursuant to this section and the penalties for noncompliance ; ( 10 ) establish appropriate administrative, technical, and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained ; ( 11 ) at least 30 days prior to publication of information under paragraph ( 4 ) ( D ) of this subsection, publish in the Federal Register notice of any new use or intended use of the information in the system, and provide an opportunity for interested persons to submit written data, views, or arguments to the agency ; and ( 12 ) if such agency is a recipient agency or a source agency in a matching program with a non-Federal agency, with respect to any establishment or revision of a matching program, at least 30 days prior to conducting such program, publish in the Federal Register notice of such establishment or revision.\n\n( f ) Agency Rules.In order to carry out the provisions of this section, each agency that maintains a system of records shall promulgate rules, in accordance with the requirements ( including general notice ) of section 553 of this title, which shall ( 1 ) establish procedures whereby an individual can be notified in response to his request if any system of records named by the individual contains a record pertaining to him ; ( 2 ) define reasonable times, places, and requirements for identifying an individual who requests his record or information pertaining to him before the agency shall make the record or information available to the individual ; ( 3 ) establish procedures for the disclosure to an individual upon his request of his record or information pertaining to him, including special procedure, if deemed necessary, for the disclosure to an individual of medical records, including psychological records, pertaining to him ; ( 4 ) establish procedures for reviewing a request from an individual concerning the amendment of any record or information pertaining to the individual, for making a determination on the request, for an appeal within the agency of an initial adverse agency determination, and for whatever additional means may be necessary for each individual to be able to exercise fully his rights under this section; and ( 5 ) establish fees to be charged, if any, to any individual for making copies of his record, excluding the cost of any search for and review of the record.\n\nThe Office of the Federal Register shall biennially compile and publish the rules promulgated under this subsection and agency notices published under subsection ( e ) ( 4 ) of this section in a form available to the public at low cost.\n\n( g ) ( 1 ) Civil Remedies.Whenever any agency ( A ) makes a determination under subsection ( d ) ( 3 ) of this section not to amend an individuals record in accordance with his request, or fails to make such review in conformity with that subsection ; ( B ) refuses to comply with an individual request under subsection ( d ) ( 1 ) of this section ; ( C ) fails to maintain any record concerning any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relating to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such record, and consequently a determination is made which is adverse to the individual ; or ( D ) fails to comply with any other provision of this section, or any rule promulgated thereunder, in such a way as to have an adverse effect on an individual, the individual may bring a civil action against the agency, and the district courts of the United States shall have jurisdiction in the matters under the provisions of this subsection.\n\n( 2 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( A ) of this section, the court may order the agency to amend the individuals record in accordance with his request or in such other way as the court may direct. In such a case the court shall determine the matter de novo.\n\n( B ) The court may assess against the United States reasonable attorney fees and other litigation costs reasonably incurred in any case under this paragraph in which the complainant has substantially prevailed.\n\n( 3 ) ( A ) In any suit brought under the provisions of subsection ( g ) ( 1 ) ( B ) of this section, the court may enjoin the agency from withholding the records and order the production to the complainant of any agency records improperly withheld from him. In such a case the court shall determine the matter de novo, and may examine the contents of any agency records in camera to determine whether the records or any portion thereof may be withheld under any of the exemptions set forth in subsection ( k ) of this section, and the burden is on the agency to sustain its action.","date_sent_to_company":"2023-09-08T23:03:50.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"18702","tags":null,"has_narrative":true,"complaint_id":"7521754","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2023-09-08T22:40:01.000Z","state":"PA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["a tax refund due an individual under authority granted by section 404 ( e ), 464, or 1137 of the Social Security Act ; or ( IV ) for the purpose of <em>intercepting</em> a tax refund due an individual under any other tax refund <em>intercept</em> program authorized by statute which has been determined by the Director of the Office of Management and Budget to contain verification, notice, and hearing requirements that are substantially similar to the procedures in section 1137 of the Social Security Act ; ( v ) matches"]},"sort":[4.5060616,"7521754"]}]},"aggregations":{"has_narrative":{"meta":{},"doc_count":40,"has_narrative":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":1,"key_as_string":"true","doc_count":40}]}},"product":{"doc_count":40,"product":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting or other personal consumer reports","doc_count":27,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting","doc_count":26},{"key":"Other personal consumer report","doc_count":1}]}},{"key":"Checking or savings account","doc_count":5,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Checking account","doc_count":5}]}},{"key":"Debt collection","doc_count":5,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit card debt","doc_count":4},{"key":"Medical debt","doc_count":1}]}},{"key":"Money transfer, virtual currency, or money service","doc_count":2,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Domestic (US) money transfer","doc_count":1},{"key":"Money order, traveler's check or cashier's check","doc_count":1}]}},{"key":"Credit card","doc_count":1,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"General-purpose credit card or charge card","doc_count":1}]}}]}},"issue":{"doc_count":40,"issue":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Problem with a company's investigation into an existing problem","doc_count":20,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Their investigation did not fix an error on your report","doc_count":20}]}},{"key":"Improper use of your report","doc_count":6,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Reporting company used your report improperly","doc_count":5},{"key":"Credit inquiries on your report that you don't recognize","doc_count":1}]}},{"key":"Managing an account","doc_count":3,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Problem using a debit or ATM card","doc_count":2},{"key":"Deposits and withdrawals","doc_count":1}]}},{"key":"Attempts to collect debt not owed","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Debt is not yours","doc_count":2}]}},{"key":"False statements or representation","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Attempted to collect wrong amount","doc_count":2}]}},{"key":"Problem with a lender or other company charging your account","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Transaction was not authorized","doc_count":2}]}},{"key":"Advertising and marketing, including promotional offers","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Confusing or misleading advertising about the credit card","doc_count":1}]}},{"key":"Electronic communications","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Used obscene, profane, or other abusive language","doc_count":1}]}},{"key":"Fraud or scam","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Other service problem","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Unable to get your credit report or credit score","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Other problem getting your report or credit score","doc_count":1}]}}]}},"timely":{"doc_count":40,"timely":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Yes","doc_count":40}]}},"company_response":{"doc_count":40,"company_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Closed with non-monetary relief","doc_count":20},{"key":"Closed with explanation","doc_count":19},{"key":"Closed with monetary relief","doc_count":1}]}},"submitted_via":{"doc_count":40,"submitted_via":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Web","doc_count":40}]}},"company":{"doc_count":40,"company":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","doc_count":10},{"key":"Experian Information Solutions Inc.","doc_count":8},{"key":"EQUIFAX, INC.","doc_count":7},{"key":"CAPITAL ONE FINANCIAL CORPORATION","doc_count":2},{"key":"CITIBANK, N.A.","doc_count":2},{"key":"JPMORGAN CHASE & CO.","doc_count":2},{"key":"LEXISNEXIS","doc_count":2},{"key":"BANK OF AMERICA, NATIONAL ASSOCIATION","doc_count":1},{"key":"CBC Companies, Inc.","doc_count":1},{"key":"Community Health Investment Company, LLC.","doc_count":1},{"key":"HUNTINGTON NATIONAL BANK, THE","doc_count":1},{"key":"Radius Global Solutions LLC","doc_count":1},{"key":"WELLS FARGO & COMPANY","doc_count":1},{"key":"WESBANCO BANK, INC.","doc_count":1}]}},"state":{"doc_count":40,"state":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"PA","doc_count":17},{"key":"CA","doc_count":4},{"key":"NJ","doc_count":4},{"key":"MI","doc_count":3},{"key":"AR","doc_count":2},{"key":"GA","doc_count":2},{"key":"IL","doc_count":2},{"key":"MN","doc_count":1},{"key":"NC","doc_count":1},{"key":"OH","doc_count":1},{"key":"SC","doc_count":1},{"key":"TN","doc_count":1},{"key":"UT","doc_count":1}]}},"company_public_response":{"doc_count":40,"company_public_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","doc_count":23}]}},"tags":{"doc_count":40,"tags":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Servicemember","doc_count":6}]}}},"_meta":{"license":"CC0","last_updated":"2026-07-14T12:00:00-05:00","last_indexed":"2026-07-14T12:00:00-05:00","total_record_count":16441818,"is_data_stale":false,"has_data_issue":false,"break_points":{"2":[4.5060616,"7521754"]}}}