The FTC's Red Flags Rule (http://www.ftc.gov/redflagsrule), which requires covered organizations to implement a written identity thefts prevention program, is slated to go into effect on June 1, 2010. The scope of covered organizations is very broadly defined to cover organizations well beyond financial institutions. Rather, it also applies to creditors, organizations that regularly extend, renew, or continue credit - and likely applies to telecommunications companies and other utilities as well as businesses that grant loans. The rule itself obligates financial institutions and any other creditor that holds a consumer account to "develop and implement an Identity Theft Prevention Program" with policies and procedures to help reduce identity theft. What makes this rule so challenging, however, is that unlike other rules relating to financial institutions (such as the Gramm-Leach-Bliley privacy rules), the Red Flags Rule applies to any firm that maintains an ongoing account through which a consumer is charged. As the FTC may not further extend the compliance deadline, you need to begin working on compliance now if you have not already done so.
As we previously advised, on October 29, 2009 the District Court for the District of Columbia ruled that the FTC cannot force practicing attorneys to comply with Red Flags Rule.
PartnerMarketers, advertisers, agencies and suppliers, among others, regularly seek Andy’s counsel regarding legal aspects of their advertising and promotional marketing businesses. He’s pragmatic and always looks for ...