Motion Savary (12.3578): Credit rating databases. A problem that must be solved
Rejected (27.09.2012)
Submitted text
The Federal Council is instructed to prohibit, by means of an amendment to the Federal Act on Data Protection, the recording of data on the solvency of private individuals in databases other than the debt collection register and the database of the Consumer Credit Information Office (IKO).
Justification
Creditworthiness databases contain information about the solvency of private individuals. They belong to private credit agencies and are largely unknown to the public and, even worse, to the individuals concerned.
Against payment, everyone can get access to this data. Registered persons have the right to request information about their own data as well as its deletion. However, very few people know that they are registered, and if they do, they do not know which company to contact. This opaque situation contradicts the principles of the Federal Data Protection Act.
Another problem arises: the accuracy of the stored data. The information is often inaccurate, the claims dubious, or there is a mix-up of names (homonymy). Even good payers, and sometimes even children, are on these lists. The entire population can therefore fall victim to abusive data collection. The fact that this data is available in credit rating databases and can be viewed by anyone at will can have serious consequences. This is because the rating system of the credit bureaus (the A grade is the highest) can be consulted by any person or company wishing to obtain information about a citizen (e.g. administrations, employers, when granting small loans or taking out telephone subscriptions). Why is a person registered in such a data collection? Why does it have a certain rating and no other? There are no specifications as to how long the data may be stored, and there is no definition of what constitutes good or bad payers. It is not uncommon for a bad grade to be assigned based on a simple delay in payment.
These data collections have no legal basis, unlike the debt collection register and the IKO database, which is based on the Federal Consumer Credit Act. They must therefore be prohibited by law.
Statement of the Federal Council
The activities of private credit reporting agencies are in tension with the protection of the privacy of the persons covered by the credit reporting agencies. Private credit reporting agencies must comply with the Federal Act on Data Protection of 19 June 1992 (FADP; SR 235.1), which takes this tension into account, when processing the data of natural persons and legal entities. The Federal Council considers the complete ban on the registration of personal data in the area of creditworthiness by private credit reporting agencies proposed by the motion to be too far-reaching. However, it is prepared to examine the extent to which there is a need for additional legislative action in this context. This examination can be carried out as part of the work on the revision of the FADP. Preparatory work on this has now begun after the Federal Council came to the conclusion, following the recent evaluation of the DPA, that the law should be revised (see the Federal Council’s report on the evaluation of the DPA of 9 December 2011, BBl 2012 335ff.).