FTC site helps meeting "Red Flags Rule"

Share this article:
Updated Friday, Apr. 3, 2009 at 3:30 p.m. EST

With the Federal Trade Commission (FTC) promising to begin enforcing the “Red Flags Rules” on May 1, the FTC launched on Thursday a website aimed at helping entities adhere to the requirements.

The rules, designed to reduce identity theft, requires that creditors and financial institutions create and implement an identity theft prevention program. The website describes the entities covered by the rule and provides information, articles and guidance to help entitles develop ID theft prevention programs, the FTC said in a news release.

One of the resources on the site is a how-to guide that provides tips for identifying and stopping ID theft.

The rules became effective Nov. 1 but will not be enforced by the FTC until May 1. Last October, the FTC extended the original Nov. 1 enforcement deadline because many companies were not prepared to meet the original requirements, the FTC said.

Eduard Goodman, general counsel and chief privacy officer for vendor Identity Theft 911, told SCMagazineUS.com Friday that the FTC has been tight-lipped about how the rule is going to be enforced -- likely because they don't want companies looking for ways to get around it.

Goodman said that based on his conversations with those in the industry, the FTC will likely enforce the rule on a case-by-case basis. The FTC maintains a database that tracks all identity theft cases reported to the agency. If they hear of instances of identity theft associated with a company, the FTC may ask for a copy of the company's identity theft prevention program, if any, Goodman said. If the entity has a program in place, the FTC will make a determination of whether it's adequate.

The May 1 enforcement deadline extension applies to entities under the FTC's jurisdiction, which includes state-chartered credit unions. The extension did apply to the the majority of the estimated 11 million businesses that must comply with the requirements, Goodman has said.

An FTC spokesperson could not be reached immediately Friday.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.