FTC Extends Deadline for Compliance with “Red Flags” Rule
Telecommunications companies that would have had to implement identity theft prevention programs by November 1, 2008, have been given a reprieve until May 1, 2009. The Federal Trade Commission (FTC) has imposed a rule on all “financial institutions and creditors” requiring them to have in place identity theft prevention programs to identify, detect, and respond to patterns or specific activities that could indicate identity theft. Almost all telecommunications companies are considered creditors under the law because they let their customers pay after receiving services for a month and/or don’t cut off service even if a bill goes unpaid. According to the FTC, it found that many entities that are subject to the new rules were not aware of it or their responsibilities, which is the reason for the six-month extension. An FTC fact sheet on “Red Flags” can be found here: http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm and an FTC press release on the extension can be found here: www.ftc.gov/opa/2008/10/redflags.shtm