FTC delays identity theft protection rules till June 2010

Delayed for 4th time Red Flags identity protection will have to wait

Well, maybe the fourth time will be the charm.  This time the Federal Trade Commission said it delayed the enforcement of its Red Flags identity protection rules until June 1, 2010 at the request of Congressional members. 

At the request of Members of Congress, the Federal Trade Commission is delaying enforcement of the "Red Flags" Rule until June 1, 2010, for financial institutions and creditors subject to enforcement by the FTC. 

Layer 8 Extra: 15 genius algorithms that aren't boring 

The rules have been delayed three times and were originally set to become practice Nov. 1, 2008.  

Under the Red Flags rules all companies or services that regularly permit deferred payments for goods or services, including entities such as health care providers, attorneys, and other professionals, as well as retailers and a wide range of businesses that invoice their customers must develop a written program that identifies and detects the relevant warning signs - or "red flags" - of identity theft. These may include, for example, unusual account activity, fraud alerts on a consumer report, or attempted use of suspicious account application documents. The program must also describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program. 

The final rules require financial and credit institutions that hold any consumer account, or other account for which there is a reasonably foreseeable risk of identity theft, to develop and implement an Identity Theft Prevention Program for combating identity theft in connection with new and existing accounts, the FTC said.

 The FTC stated that some industries and entities within the agency's jurisdiction were uncertain about their coverage under the Red Flags Rule. Many entities also argue that, because they generally are not required to comply with FTC rules in other contexts, they have not had enough time to develop compliance plans. Others have raised a stink about complying with the rules. 

As a result the program hasn't been without its legal challenges. This month the House unanimously approved a measure to exempt health care, legal and accounting firms employing fewer than 20 people from Red Flags. That bill is now in committee.  

Also this month a US District court ruled that lawyers are exempt from the red flags rule requirements. The ruling gave a victory to an industry that objected to the FTC's definition of what constitutes a "creditor." The FTC said it may fight that ruling.

Layer 8 in a box

Check out these other cool stories:

DARPA "balloon hunt" could win you $40K cash

FBI: Ex- CEO of YouSendIt charged in denial of service of attack

Typewriter puts identity thieves in Federal prison

Ultra-endurance spy plane closer to reality

Feds whiffing on millions in electronics waste disposal

NASA Ares X blasts off carrying experiments, hopes of future unmanned space flight

10 NASA space technologies that may never see the cosmos

Top 10 cool satellite projects

Space agency wants volunteers to fly to Mars. Sort of.

Will high-tech trucks save Big Rig industry?

Can the Internet handle H1N1?

NASA's future: Now the battle begins

A $30 Billion US census?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)