Data voodoo: credit ranking agency CRIF creates credit rating out of thin air
Content
Credit Scoring Data voodoo: Credit ranking agency CRIF creates creditworthiness out of thin air. Data protection authority also demands disclosure of "scoring" logic. After about a year, the Austrian Data Protection Authority (DPA) finally issued a decision on our first complaint against the credit reporting agency CRIF. CRIF had attributed a negative credit rating to a data subject although the person was unknown to the credit agency. The individual was not given an electricity contract due to allegedly having "poor" credit worthiness. The Austrian Data Protection Authority (DPA) notes, on the one hand, that CRIF must disclose to the querying companies that the "creditworthiness" was only calculated from address, gender, name and date of birth. In addition, CRIF must (unlike in Germany, for example) explain the scoring to the consumer concerned. Information insufficient - CRIF must explain how score came about. The data subject had invoked their right of access under Article 15 GDPR t