For any of you familiar with the basic principles of the data protection act, please humour this theory.
1] Any UK co. I do business with as a statutory duty of care to protect my PII
2] I have no legal relationship with Equifax, so they’re not accountable to me. But any company I have a relationship with, who shares my data with Equifax, are.
3] Equifax have categorically been proven not to be competent and secure data processor
4] As a UK citizen, my data had no business being visible through a US website
So what would happen if I write to all my bank and utilities stating that they are in default breach of the DPA and I prohibit them from sharing any more of my data with Equifax.
Should they continue to do so, they are in further breach of the DPA to continue to expose my data to a third party that is no longer trustworthy or competent.
A further angle would be anyone wanted to switch suppliers and get out of contract early, could they claim breach of contract and walk – contract voided by the supplier because they have failed in their implied or explicit duty of care under the DPA.