• On December 8, 2010, the US House of Representatives passed S. 3987, the Red Flag Program Clarification Act of 2010. The House version of the bill was not passed. This legislation amends the FTC’s Red Flag Rule which requires “creditors,” such as companies that invoice for goods or services (including most telecommunications companies), to develop and implement a written Identity Theft Prevention Program. Specifically, the legislation narrows the definition of “creditor” to include only service providers that (1) regularly and in the ordinary course of its business obtain or use consumer reports in connection with a credit transaction, (2) furnish information to consumer reporting agencies in connection with a credit transaction, (3) advance funds or credit to the consumer, or (4) maintain accounts that are subject to a reasonably foreseeable risk of identity theft. The new Red Flag law will go into effect on January 1, 2011, or upon the Clarification Act being signed by the President, whichever is earlier. Businesses that have not yet developed a written Program are encouraged to do so before the enforcement date. The FTC has prepared a Frequently Asked Questions document regarding the rules that can be found here.
  • Comments on the FTC’s Caller ID Advanced Notice of Proposed Rulemaking are due January 28, 2011. A link to the NPRM can be found here.
  • Comments on the privacy report issued December 1, 2010, by FTC staff are due January 31, 2011. A copy of the report can be found here.