Subscribe To Our Newsletter
Subscribe To Our Newsletter
A proposed class action lawsuit claims Equifax Inc. violated state privacy laws by listing and selling Colorado residents’ personal cell phone numbers through paid commercial directories without obtaining their consent.
Everyday people who use cell phones in Colorado may have had their private numbers quietly turned into corporate profit. A proposed class action lawsuit claims that credit reporting giant Equifax Inc. has been illegally listing and selling residents’ personal cell phone numbers through various online business directories without ever asking for permission.
The lawsuit alleges that Equifax systematically violated Colorado state law by treating private mobile numbers as commercial commodities. If you live in Colorado and your cell phone number was included in one of Equifax’s subscription-based lookup tools, you may have had your data privacy rights violated. The legal action seeks to hold the multi-billion dollar company accountable and stop the unauthorized monetization of personal data.
The 12-page data privacy lawsuit, filed on June 4, 2026, in a Colorado state court, targets Equifax’s data-brokerage operations. While everyday people primarily know Equifax as one of the “Big Three” credit bureaus, the company also acts as a massive data aggregator. The complaint alleges that Equifax compiles vast databases of personal information and sells access to these profiles through specialized lookup directories.
According to the lawsuit, Equifax bundles people’s personal cell phone numbers and other private data points into several commercial products. These subscription-based systems include:
BusinessConnect for Marketing
Contact and Locate
Digital Identity Trust
FirstSearch
Marketing Identity Elements
TargetPoint Alerts
Through these platforms, outside businesses, corporate clients, and collectors pay Equifax subscription fees or buy credits to look up individual consumer profiles, effectively allowing Equifax to monetize people’s personal information for its own financial gain.
The legal core of the case rests on a specific state privacy shield: Colorado’s Prevention of Telemarketing Fraud Act (PTFA). This statute was put in place by the general assembly because lawmakers recognized that mobile phones are a highly personal and private medium of communication. Unlike traditional landlines, mobile devices go everywhere with a consumer, making unsolicited commercial exposure significantly more intrusive.
To protect everyday people, the PTFA features an explicit guardrail: it strictly prohibits any person or corporation from listing a cellular telephone number in a directory for commercial purposes unless the individual has provided clear, affirmative consent. This consent must be granted through explicit written, oral, or electronic means. The lawsuit claims Equifax completely ignored this legal boundary, failing to request or receive permission from thousands of Colorado residents before plastering their mobile numbers across its paid platforms.
The lawsuit stresses that Equifax’s directory products do not just cause financial frustration—they create real-world safety risks for everyday people. The complaint highlights that “people search sites” make sensitive, unlisted phone numbers and associated physical addresses readily accessible to virtually anyone willing to pay for a subscription.
Plaintiffs allege that by exposing this data, Equifax places Colorado residents at a heightened risk of stalking, unsolicited tracking, and domestic harassment. Furthermore, having a verified, active cell phone number made easily searchable makes consumers prime targets for malicious actors. Fraudulent telemarketers, identity thieves, and text-message scammers routinely exploit these databases to find vulnerable individuals, undermining trust in the digital marketplace.
In the modern economic landscape, personal consumer data has evolved into one of the world’s most valuable currencies. The legal complaint points out that consumer information serves as the foundational pillar for the online advertising and data-brokerage industry, which generates an estimated $26 billion per year. The lawsuit explicitly states that an individual’s private data “possesses inherent monetary value.”
As everyday people become increasingly aware of how much corporations profit off their personal details, privacy has become a major market force. The lawsuit cites a consumer survey showing that 89 percent of people actively avoid doing business with companies they believe fail to protect their privacy online. By selling off Colorado residents’ numbers without their input, Equifax allegedly deprives citizens of the economic value of their own data while pocketing the profits.
Because the lawsuit was only recently initiated, it has not yet reached a settlement phase, and there are no immediate cash pots or claim forms available. Instead, the case is moving through the preliminary stages to establish a certified class action.
The proposed lawsuit seeks to represent a specific class of affected individuals: all Colorado residents who, during the applicable statute of limitations period, had their cellular telephone numbers listed on any of Equifax’s directory products. If you are a Colorado resident and have noticed a sudden spike in spam calls, corporate solicitations, or collections inquiries on an otherwise private cell phone line, your information may have been compromised and commercialized within Equifax’s network.
The lawsuit, Clark v. Equifax Inc., has requested a jury trial in Colorado. The legal team representing the plaintiffs is seeking a multi-layered judgment to correct the credit bureau’s behavior. First, the suit seeks comprehensive monetary damages to compensate state residents for the unauthorized use and commercialization of their proprietary personal data.
Second, and perhaps most importantly, the lawsuit seeks an injunction from the court. If granted, this court order would legally compel Equifax to completely remove all non-consenting Colorado cell phone numbers from its BusinessConnect, FirstSearch, TargetPoint, and other directory databases. This would force the corporation to overhaul its data-collection pipelines and establish a strict system for verifying affirmative consumer consent moving forward.
Large data aggregators count on the fact that everyday people rarely have the time or resources to audit where their phone numbers are being sold. They operate under the assumption that individual consumers will simply tolerate spam text messages and robocalls as an annoyance of the modern world. However, when thousands of citizens come together under state privacy laws like the PTFA, they can demand structural corporate transparency.
You don’t stand alone against credit reporting giants. If you want to take proactive steps to guard your mobile privacy, you can look into data-removal services, monitor your digital footprint, and keep tabs on active data privacy litigation. Staying informed about the progress of the Clark v. Equifax case ensures that if a financial restitution fund or data-deletion portal is eventually mandated by the court, you will be prepared to claim your consumer rights.
New cases and investigations, settlement deadlines, and news straight to your inbox.
