Attorneys general from 31 states have asked the Federal Trade Commission (FTC) to update its Identity Theft Rules.

Noting the proliferation of identity theft and consumers’ inability to divine how information stolen from breaches is being used, the AGs said that the rules – also known as the Red Flags Rule and the Card Issuers Rule – 
“appropriately place the burden on certain entities to detect, prevent and mitigate identity theft.” And only those entities, they contended, “have the ability to stop a fraudulent account from being opened at their own place of business or to notify a consumer of a change of address in conjunction with a request for an additional or replacement card, which is a strong indicator that the account may have been taken over by an identity thief.”

As identity theft affects “16.7 million consumers with losses of $16.8 billion according to Javelin Research, this plague of theft has to be fought from all sides to start to cut down on those numbers,” said Robert Capps, vice president and authentication strategist for NuData Security. “Legislation as well as new procedures and technologies are required to battle identity theft.”

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.