FTC site helps meeting "Red Flags Rule"

Share this article:
Updated Friday, Apr. 3, 2009 at 3:30 p.m. EST

With the Federal Trade Commission (FTC) promising to begin enforcing the “Red Flags Rules” on May 1, the FTC launched on Thursday a website aimed at helping entities adhere to the requirements.

The rules, designed to reduce identity theft, requires that creditors and financial institutions create and implement an identity theft prevention program. The website describes the entities covered by the rule and provides information, articles and guidance to help entitles develop ID theft prevention programs, the FTC said in a news release.

One of the resources on the site is a how-to guide that provides tips for identifying and stopping ID theft.

The rules became effective Nov. 1 but will not be enforced by the FTC until May 1. Last October, the FTC extended the original Nov. 1 enforcement deadline because many companies were not prepared to meet the original requirements, the FTC said.

Eduard Goodman, general counsel and chief privacy officer for vendor Identity Theft 911, told SCMagazineUS.com Friday that the FTC has been tight-lipped about how the rule is going to be enforced -- likely because they don't want companies looking for ways to get around it.

Goodman said that based on his conversations with those in the industry, the FTC will likely enforce the rule on a case-by-case basis. The FTC maintains a database that tracks all identity theft cases reported to the agency. If they hear of instances of identity theft associated with a company, the FTC may ask for a copy of the company's identity theft prevention program, if any, Goodman said. If the entity has a program in place, the FTC will make a determination of whether it's adequate.

The May 1 enforcement deadline extension applies to entities under the FTC's jurisdiction, which includes state-chartered credit unions. The extension did apply to the the majority of the estimated 11 million businesses that must comply with the requirements, Goodman has said.

An FTC spokesperson could not be reached immediately Friday.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.