Privacy Law Blog

Tag Archives: identity theft

We Were Wrong About the Third Time Being A Charm: FTC Delays Enforcement of Red Flags Rule Yet Again

Today, at the urging of Members of Congress, the Federal Trade Commission (“FTC”) announced that it will delay enforcement of its Red Flags Rule for the fourth time. Financial institutions and creditors subject to enforcement by the FTC will now have until June 1, 2010 to develop written policies and procedures to detect and respond … Continue Reading

Third Time’s A Charm: FTC Delays Enforcement Of The Red Flags Rule Again

The Federal Trade Commission (“FTC”) announced today that, for the third time, it will delay enforcement of the Red Flags Rule until November 1, 2009 – a year after the original November 1, 2008 compliance deadline. In delaying enforcement yet again, the Commission stated that it intends to engage in an “expanded business education campaign” in … Continue Reading

Red Flag Rules Blindside Retailers, But Extension of Compliance Deadline Helps

Last month, we blogged about whether the Red Flag Rules apply to medical care providers.  According to the FTC, they may also apply to retailers. The Federal Trade Commission’s recently released “how-to” guide says that the Red Flag Rules apply to “retailers that offer financing or help consumers get financing from others, say, by processing credit applications.” However, most … Continue Reading

FTC Suspends Enforcement of Red Flag Rules For Six Months

The Federal Trade Commission (“FTC”) recently announced that it will not enforce the new Red Flag Rules until May 1, 2009, giving financial institutions and creditors an additional six months to comply by developing and implementing a written identity theft prevention program.  In an Enforcement Policy Statement released on October 22, 2008, the FTC acknowledged … Continue Reading

Red Flag Alert — Compliance Deadline is November 1, 2008

According to regulations published by the Federal Trade Commission and the federal banking agencies, covered companies that hold any customer accounts must implement identity theft prevention programs that identify and detect "Red Flags" signaling possible identity theft. Companies establishing such programs must create policies and procedures not only to recognize and detect Red Flags, but also to respond to Red Flags by preventing or mitigating potential identity theft. Furthermore, companies must develop reasonable policies and procedures to verify the identity of a customer opening an account, and must also periodically update their identity theft programs. The rules went into effect on January 1, 2008, and businesses must comply by November 1, 2008. … Continue Reading
LexBlog