Ask HN: Is anyone else trying to opt out of Equifax WorkNumber?
132 points by metadat on Oct 15, 2022 | 77 comments
On the heels of yesterday's bombshell:

https://news.ycombinator.com/item?id=33198708

First thing this morning I emailed [email protected] to request a data freeze as outlined at:

https://employees.theworknumber.com/employee-data-freeze/

But I've not yet heard anything back.

This is only the initial first step in a process with unknown hoops to jump through, but first I must get the form to reply and submit the freeze request.

If I don't hear back by tomorrow morning I'll mail in the form, but my god this is frustrating to have to opt out of something I never consented to in the first place.

Parasites.



I’m not sure opting out is a good solution. Not only will Equifax still receive the data and will most likely still log it, but it doesn’t do anything to actually discourage this practice.

The only way to kill this, apart from government intervention (which has no chance of happening in the US) is to let the “free market” do it by rejecting jobs that leak your information to Equifax (and letting them know why). Ideally, do this all the way at the end of the interviewing pipeline so that they would’ve incurred significant costs as a result. You want companies to lose money by using the service, as to remove the business case for it.

The objective here is to put pressure on employers not to leak employee data to scummy companies. If they start losing qualified candidates because of it they will reconsider the practice.

If you are in a good financial position and can afford to do so, resigning is also an option. Again make sure they know why you are doing so.


> apart from government intervention (which has no chance of happening in the US)

New York has already banned employers from purchasing pay history. All it takes is other states to get their act together many of which already have weaker protections regarding history.


In my opinion, banning the purchase would do little, but what could be more effective is to ban the collection of it.


At a previous place I worked, the company was not even aware this information was being shared with Equifax. The payroll provider would share this data by default unless it was explicitly turned off.


This. It’s often ADP, Paychex, etc that is sharing the data. Did they get permission from the companies? I don’t know.


Thanks to this comment I searched for QuickBooks and Equifax. QuickBooks signed up their customers to automatically share data with Equifax:

https://quickbooks.intuit.com/learn-support/en-us/employees-...


I just emailed Gusto to find out if they are sharing data with Equifax. I did not see a way to opt out in the employer or employee interface.


Gusto never responded. That is quite incriminating to me (you can't plead the 5th in the marketplace).


I work at a company using Gusto and Equifax did not have my data from my current employer, you should be ok.


Kudos to Gusto for not following the lead of less scrupulous payroll providers.


I ended up going down the rabbit hole looking into this practice and discovered companies exist advertising the ability to get any US citizen's employment/compensation history for a nominal fee. An example of one such company: https://www.truework.com/


> The only way to kill this, apart from government intervention (which has no chance of happening in the US) is to let the “free market” do it by rejecting jobs that leak your information to Equifax (and letting them know why).

This will _only_ change through government intervention. The “free market” won’t solve this.


The "free market" created this


Which has no bearing on whether or not the "free market" (not that such a thing actually exists) can stop it.


> Which has no bearing on whether or not the "free market" (not that such a thing actually exists) can stop it.

How does it have _no_ bearing on whether the market can stop it? If the status quo is the result of market forces, one should at least consider the possibility that market forces will not result in anything different.

I think maybe you meant to say that market forces _might_ still stop this even if they have not done it so far. That is a bit more defensible.


The "free market" is great at creating problems.


That’s like saying “people” are great at creating problems. It is a true but unbalanced and unhelpful statement, since people are also great at solving problems.


The free market is great at creating solutions. Something planned economy based governments are incompetent at.

Evil humans sometimes make bad solutions in a free market. Let’s stop blaming systems and start blaming humans for their corrupt & greedy behaviour.

Fighting about systems only helps corrupt politicians topple each other from place of power. Hence the funding that goes into obsession over capitalism, socialism, communism debates.


Systems not taking into account that humans can behave in a corrupt and greedy way are just bad systems. We can totally blame those systems.


You won't know about it until after you've been hired though. Stopping Work Number reporting helps before being hired.


That’s even better; the cost of an employee resigning after being hired is much more than one dropping out of the hiring process. This gives you significantly more leverage should you resign or even threaten to resign as a result.


Doesn’t have to be just your employer. It could be your bank or financial institution when you request credit and they have to verify your employer and income. They bounce it off credit institutions, which capture compare and sell.


(sorry, dumb question) How would you find out?


You’d explicitly ask your HR department in writing, and get your Work Number report from Equifax (you can get it, right?) to make sure your employer isn’t mistakenly/maliciously sending data over despite claiming not to.


Both of those are post-hire actions, and assume that you will get an accurate response from either party.


True, but presumably the next time you are interviewing for a job, you can ask during the interview process, and then terminate the process if they tell you they do it. Preferably after they've wasted a bunch of time and money on your interviews.


Yeah I asked at my last place and they were basically like “too bad it’s not changing”


If you are able to resign, it will make them reconsider this decision.


I did, for various reasons including that



Just for clarity and equanimity about this stuff:

- If you sign up to see your TWN data (which is just the usual KYC-type sign-up), you can generate a report and will likely see that no employer has pulled your data in the past 24 months (the most they give). Most people who work in tech don't seem to have any inquiries registered for TWN when they check their report after hiring (from the handful of anecdata I have at hand).

- You don't have to mail anything in. They have some hokey secure email thing that is basically a link to a webform upload. Is it a weird process? Yeah, but it'll work just give it time.

- Opting out won't prevent partners that "subscribe" to TWN from sharing your data with them; it will only prevent partners from having access to your data until you unfreeze it. My current employer has been dutifully reporting my comp every month despite it having been frozen.


> They have some hokey secure email thing that is basically a link to a webform upload.

Not Equifax per se, but my understanding from dealing with background checking companies is that this pattern is to discourage people from sending sensitive information over email. 99% of people won't have a clue about how to encrypt email, nor will they think twice about sending an unencrypted attachment. Whereas a sanely coded web portal can enforce this.

The irony here is that it's done for "security". But if the app itself has an unpatched vulnerability...

Ps I once did try sending an encrypted PDF to such a company, and instructed them to phone me for the password. This was apparently way over the heads of the person assigned to my case.


> instructed them to phone me for the password. This was apparently way over the heads of the person assigned to my case.

They probably knew exactly how to make a phone call, but the company may not have provided them with a means to do so.

And no, "Just use your personal phone" isn't an answer. I keep my personal stuff and my work stuff strictly separate from each other. If my company wants me to do something business-related, they provide me with all of the equipment and services necessary for me to do it, or it doesn't get done, plain and simple. When I'm out of the office after hours or on vacation, I'm not working. So no way in hell some random client is going to get my personal contact information via caller ID.


I see your point, and that is indeed the case in some companies (or even roles within companies). I also advocate for keeping a separate work/personal phone.

However, being a background checking company, making phone calls is absolutely in their BAU remit. Upon submission of documents, they even state in their automated email response that they may call you for further information. Plus, they regularly call companies to verify employment information.

I got the distinct impression that they have a certain process, and they pay certain ranks not very much to simply follow that process. Any minor deviation from that playbook needs to be handled by a "senior", who is "empowered" to think and handle things like a regular human.


Yes, this pattern is far better than attaching passport_scan.pdf over email! I used to send links to a fileshare that is password protected (hooray pcloud!), but it seems like most companies have really locked down that avenue of sharing (understandably so).


I successfully opted out around a year ago, but “opting out” just meant freezing my report.

I had asked my employer (a certain fruit company) to stop sending my information in the first place, but they refused.


Would that by chance be a fruit company that cultivates a very pro privacy reputation in public?


How to freeze your work number (copied from reddit):

1) Create an account using one of your employers (old or new, it doesn't matter). If you have problems with this step, then skip to step 2 and ask the CSR for help with this.

2) Call the customer service at 866-222-5880 (FYI, it helps to call early in the morning when most people are asleep)

3) Choose option 2 for "Report a problem..."

4) Tell the customer service rep (CSR) that you want to freeze your SSN on TWN. Verbally verify that this will keep 3rd parties from accessing the info. At this point, the CSR may try to direct you to the online form, but you need to be firm and say that you want to complete the process over the phone. If they still try to direct you to the online form, say that you will not be satisfied until the process is completed over the phone. I know this can be uncomfortable for some folks to challenge someone like this, but it's the easiest way.

5) At this point, the CSR will ask for personal information including your account name (created in step 1) SSN, DOB, address, email

6) The rep will send you a one-time code using the method of your choice (phone, text, email, mail). I chose text message. Tell them the code verbally over the phone

7) Congrats. Your SSN is now frozen on TWN, preventing 3rd parties from access without your authority. You will receive a confirmation email

Optional

8) If your CSR was friendly and helpful, ask to speak with their manager and give them a little praise. Pull a reverse-Karen

I prefer this method because it prevents you from having to mail or email any documents and you get instant confirmation and a case number to review your status. The whole process took like 10 minutes over the phone.


If anyone is looking to fill the form:

https://simplePDF.eu/editor?open=https://assets.equifax.com/...

The document you load and the data you fill in are never sent to the server [1] (you don’t have to trust me, you can just disable internet after having clicked on the link above)

Disclosure: I’m the developer behind SimplePDF

[1] https://simplepdf.eu/privacy_policy


Hi, feature request:

Would you mind not allowing this to fall off the internet for as long as PDF is >0.0% relevant?

This is *great*, but what would be even better would be only having to jam one single URL into my head for the next 10 years.

Consider also providing branding options and/or other enterprise-focused features; you'll end up drowning in requests for such eventually if you do stick around for that long, so you might as well beat everyone to the punch and figure out what you want that scene to look like (eg alternate domain?) sooner rather than later...


> Would you mind not allowing this to fall off the internet for as long as PDF is >0.0% relevant?

Will do! I built the editor so that it requires very little resources to maintain

Worst case scenario: I’ll open source the code!

> Consider also providing branding options and/or other enterprise-focused features; you'll end up drowning in requests for such eventually if you do stick around for that long, so you might as well beat everyone to the punch and figure out what you want that scene to look like (eg alternate domain?) sooner rather than later...

As a matter of fact it’s already built but not marketed yet, one such branded example: https://dundermifflin.simplePDF.eu

I’m currently working on the marketing side of things for this offering: (very much WIP) https://simplePDF.eu/portal

Lastly, for anyone interested in the editor embed in their website: https://simplePDF.eu/embed


Thanks for replying and for the info/clarification.

It's very cool to see you're already going in the obvious directions with this :)


Thanks for sharing this again. I used it last time this topic came up, worked great!


Happy to hear and thank you for the encouragement!

It means a lot to me


Same experience here. They ignored my initial email a couple weeks ago, and I will have to follow up. What a joke, these byzantine corporate communication standards are meant to frustrate the public into obsequiousness


You should also get your employer to not send your payroll data to Equifax. Opting out of Work Number only shuts off one way Equifax sells this information. They also collect the address on payroll and sell that database to law enforcement and skip tracers. You cannot opt out of that, to the best of my knowledge.


Please post updates as they slowly happen! I tried to do this a few years ago with my employer, but only GET the data (a freeze wasn’t a thing yet). Equifax stonewalled and told me I had to go through my employer to get my data. HR was purposely unhelpful and I got frustrated and gave up.


Apparently this[0] is a possible way of opting out by phone but can't speak to it personally as I haven't tried it

https://news.ycombinator.com/item?id=27703091#27705428


How might opting out of something like this affect your future ability to get financing for something, approved for a loan, or even allowed to I dunno, rent a car, open a bank account, start electricity/internet service somewhere, or rent an apartment?

Not trying to scare anybody away from opting out (I'd absolutely love to as well) but having been through something similar in the past and being denied access to basic services to live in the world as the "hidden" punishment for it, I wonder if something similar might emerge here should you do so...

Anyone have any insight on that, one way or the other?


They issue you a PIN via mail when they report your file is frozen, which you can use to unfreeze and refreeze the report. I’ve originated two auto loans with a credit union and have had a major US bank originate a mortgage with my report frozen. In all above cases, only the mortgage required docs; paystubs and W2s, no Work Number. Might have an issue if your HR won’t verify employment for renting admittedly. I don’t rent, so I can’t speak to that.

Bank accounts and utilities will use your credit file, not your employment data, to underwrite you.

@metadat I recommend you call during business hours and speak with a rep. +18662225880


Also worth mentioning that even just 3 years ago, The Work Number had fewer than 20,000 companies reporting data. Now it’s in the millions. But my point is that somehow loans and mortgages were still granted in 2019 without that data.

It’s not needed for a mortgage or loan. You have other ways of proving your income.


Last I checked, mortgage lenders were requesting tax return transcripts from the IRS for income verification. The Work Number is NOT needed.


I asked my payroll department to have ADP opt me out of sending my data. Afterwards when I logged in to generate a personal report, there was no longer any data.

I’ve had trouble getting my company to opt everyone out though…



equifax is still around after leaking enough information to steal the identities of half of america?


Guess you haven't watched much cable TV lately; they have augmented their business model to sell consumers their own credit info. You can even boost your credit score by giving them more payment data. Thanks Equifax!


you'd think the more data they have on you the _lower_ your score would be- i guess that's part of what this new proposed boycott is about


It's the Yelp protection racket model. Give us something of value and we'll reduce the negative impact of our made up scoring.


I was able to opt out by emailing them with pictures of my id, but it took two weeks to receive confirmation of it by mail IIRC.


I think you'd be better off posting to r/antiwork with a well researched explanation as to why it's problematic. Ideally with a call to action (for example, can you automate the opt out such that it spams the submission queue?).

You don't make a difference. Many people can make a difference.


I'm on the 2nd hoop, which is submitting personal information and documents on their website.


I guess no one got that I'm talking about the directions for not doing something, are to do the same thing, having to supply personal info to opt out of supplying personal info.


A deaf couple devised a scheme for communicating amorous intentions when the lights are out at night.

The wife said, "How about, if you want to have sex, just give a little tug on my breast once, and if you don't want to then tug on it two times?"

The husband said "That's a great idea. And if you want to have sex, just tug on my penis once, and if you don't want to, just tug on it two hundred and seventy seven times!"


[flagged]


Believe it or not, people in the Deaf community have senses of humor, and like sex. I'm sure those two things can go together at times.

See joke 7, page 22, for an example similar to gp's: https://works.swarthmore.edu/cgi/viewcontent.cgi?article=109...


Can this be restricted by a state law? Credit reporting falls under federal jurisdiction, but I wonder if this is something that is outside of credit reporting and can be heavily limited by state initiatives.


I've rejected a job for pulling similar things. I'm not sending photos and copies of my passport to any third party.


I suspect that you may become unhireable by any company that relies on this service.


Sounds like a plus to anyone wanting to go through this process.


Yeah, and that's fine. Just wanted to let people know the downside.


Worst case, you would just need to unfreeze during periods where your background is being checked. You're not going to be approached about being frozen once you are employed.


Can a TWN data sharing opt out be undermined by signing a background check agreement?


I'm already too used to the fact that anyone has all my data. It's a fight against windmills in a hopelessly broken and corrupt system. However, see the benefits of it. You can request payroll information of your coworkers and use it to ask for a salary increase.


The information is not available to anyone - only credentialed verifiers with a purpose permissible under the FCRA. Employee pay equity efforts don't count. Awful, yes.


Looks like the US needs something like GDPR.


US’s tech industry is built on violating everyone’s privacy and generally treating consumers like shit. A GDPR equivalent that’s actually enforced has no chance of passing in the US, and should it do so by some miracle, half the tech industry will disappear overnight and a lot of oxygen wasters will be out of a job.


I successfully froze my data in equifax’s system. I had to call them


Following



