FTC Pushes Back 'Red Flag' Deadline

Companies have another six months to develop identity theft prevention programs

Dark Reading Staff, Dark Reading

October 24, 2008

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The Federal Trade Commission is suspending enforcement of the new “Red Flags Rule” until May 1, 2009, to give creditors and financial institutions additional time to develop and implement written identity theft prevention programs.

The Red Flags Rule requires financial institutions and creditors to implement identity theft prevention programs that identify, detect, and respond to patterns, practices, or specific activities that could indicate identity theft. (See Companies May Be Held Liable for Deals With Terrorists, ID Thieves.)

The FTC published details on the Red Flags Rule, including which businesses must comply, last year. Some of the businesses complained, stating that they were not aware that they were in the category of companies that would be required to comply, since they generally are not required to comply with FTC rules in other contexts. Others complained that they found out about the rule too late to comply.

The FTC said its delay of enforcement will give these entities sufficient time to establish and implement appropriate identity theft prevention programs.

— Tim Wilson, Site Editor, Dark Reading

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights