Header graphic for print
Privacy Law Blog

Tag Archives: red flags

FTC Extends (Yet Again) Enforcement Deadline for Identity Theft Red Flags Rule

Posted in Identity Theft

The Federal Trade Commission announced today that it is once again extending the deadline for enforcing its “Red Flags” Rule, while Congress considers legislation that would affect the scope of entities covered by the Rule. The FTC is delaying enforcement of the Rule until December 31, 2010 in response to a request from members of Congress who are working to finalize legislation that would limit the scope of business covered by the Rule.

Doesn’t Alice Live Here Anymore? FACTA and the Address Discrepancy Rule

Posted in FTC Enforcement

Section 315 of FACTA requires institutions that utilize consumer reports (“users”) to develop and follow certain procedures when notified of an address discrepancy  by a national CRA (Equifax, Experian and TransUnion). Under FACTA, national CRAs are required to issue a “notice of address discrepancy” when an address provided by a user requesting a consumer report “substantially… Continue Reading

FTC Suspends Enforcement of Red Flag Rules For Six Months

Posted in Identity Theft

The Federal Trade Commission (“FTC”) recently announced that it will not enforce the new Red Flag Rules until May 1, 2009, giving financial institutions and creditors an additional six months to comply by developing and implementing a written identity theft prevention program.  In an Enforcement Policy Statement released on October 22, 2008, the FTC acknowledged… Continue Reading

Red Flag Alert — Compliance Deadline is November 1, 2008

Posted in Financial Privacy, Identity Theft

According to regulations published by the Federal Trade Commission and the federal banking agencies, covered companies that hold any customer accounts must implement identity theft prevention programs that identify and detect “Red Flags” signaling possible identity theft. Companies establishing such programs must create policies and procedures not only to recognize and detect Red Flags, but also to respond to Red Flags by preventing or mitigating potential identity theft. Furthermore, companies must develop reasonable policies and procedures to verify the identity of a customer opening an account, and must also periodically update their identity theft programs. The rules went into effect on January 1, 2008, and businesses must comply by November 1, 2008.