Companies have another six months to develop identity theft prevention programs
The Federal Trade Commission is suspending enforcement of the new “Red Flags Rule” until May 1, 2009, to give creditors and financial institutions additional time to develop and implement written identity theft prevention programs.
The Red Flags Rule requires financial institutions and creditors to implement identity theft prevention programs that identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. (See Companies May Be Held Liable for Deals With Terrorists, ID Thieves.)
The FTC published details on the Red Flags Rule, including which businesses must comply, last year. Some of the businesses complained, stating that they were not aware that they were in the category of companies that would be required to comply, since they generally are not required to comply with FTC rules in other contexts. Others complained that they found out about the rule too late to comply.
The FTC said its delay of enforcement will give these entities sufficient time to establish and implement appropriate identity theft prevention programs.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024