WASHINGTON — Georgia Congressman Barry Loudermilk is shooting back at consumer protection groups and other critics who have slammed his bill to curb the use of class action lawsuits in the aftermath of Equifax’s mammoth data breach.
The groups, including the National Association of Consumer Advocates and Georgia Watch, warned that the Republican’s legislation would harm consumers who are victims of credit reporting abuses by placing a $500,000 cap on the punitive damages they could receive from companies and urged him to withdraw the bill.
The legislation was also called out on air by consumer protection advocate Clark Howard as the full extent of the Equifax breach came to light. The fear was that it could give the Atlanta-based credit firm immunity from its liability in the breach, which exposed the sensitive personal information of 143 million Americans.
Loudermilk, at home in Cassville recovering from a serious car accident earlier this week, sent out a blistering press release on Friday night repudiating criticism of his bill. He said the idea that the legislation would give Equifax immunity was a “gross mischaracterization.”
“The bill does not give any immunity from prosecution or civil lawsuits for wrongdoing to any business,” he said in a lengthy statement.
He said his bill, which was introduced in May, was aimed at protecting community banks, retailers and other small businesses from frivolous class actions under a 1970 law ensuring accuracy and privacy of credit reports, not giants like Equifax.
“Reports that this bill would grant any immunity to Equifax for liability in this data breach are completely false,” the former businessman said.
In a bout of unfortunate timing, the House Financial Services Committee held a hearing on Loudermilk’s bill on September 7, the same day the Equifax hack became public. The second-term Republican said that in the aftermath of the breach, the panel has not “scheduled further action on any bill at this time.”
The committee has, however, announced a hearing to investigate Equifax. Loudermilk said the company needed to be held accountable for the breach and failure to notify the public in a more timely manner.
“Businesses such as Equifax that obtain and store massive amounts of information on individuals must be held to the highest data protection standards,” he said.