FTC Pushes Back 'Red Flag' Deadline
Companies have another six months to develop identity theft prevention programs
The Federal Trade Commission is suspending enforcement of the new “Red Flags Rule” until May 1, 2009, to give creditors and financial institutions additional time to develop and implement written identity theft prevention programs.
The Red Flags Rule requires financial institutions and creditors to implement identity theft prevention programs that identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. (See Companies May Be Held Liable for Deals With Terrorists, ID Thieves.)
The FTC published details on the Red Flags Rule, including which businesses must comply, last year. Some of the businesses complained, stating that they were not aware that they were in the category of companies that would be required to comply, since they generally are not required to comply with FTC rules in other contexts. Others complained that they found out about the rule too late to comply.
The FTC said its delay of enforcement will give these entities sufficient time to establish and implement appropriate identity theft prevention programs.
— Tim Wilson, Site Editor, Dark Reading
About the Author
You May Also Like
Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024