Red Flags With Minimal Red Tape: Efficiently Implementing A Red Flags Program Under The FTC's New, And Broadly Applicable, Identity Theft Regulations
Many view the U.S. system for protecting personal information as an unconnected "patchwork" of laws and regulation. The recent – and dramatic – rise of identity theft has focused federal and state attention on this "patchwork," and this attention is increasingly connecting the "patches" of regulation into a significantly more comprehensive structure. Recently, the Federal Trade Commission (FTC) and five other agencies issued the so-called "Red Flags Rules," which in relevant part are broadly designed to detect, prevent, and mitigate identity theft. Under the Rules, a "Red Flag" is an indicator of the possible theft of a consumer's identity, or a business' identity. The Rules broadly apply to entities that provide ongoing credit to others – thus potentially covering entities that simply, for example, extend "net 30 days" payment terms. The Rules require these entities to implement a program to detect and act on "Red Flags" in establishing credit accounts, and in ongoing activities in these accounts. Due in large part to the broad application of the Rules, the FTC recently extended the deadline for compliance to May 1, 2009.
Partners Ieuan G. Mahony and James T. Mueller and associate Peter I. Sanborn will explain the Red Flags Rules, discuss their scope, and address the steps an entity subject to the Rules should take to prepare for the compliance deadline of May 1, 2009. Specifically, the program will:
Please note that email communications to the firm through this website do not create an attorney-client relationship between you and the firm. Do not send any privileged or confidential information to the firm through this website. Click "accept" below to confirm that you have read and understand this notice.