ALERT - President Obama Signs Red Flag Program Clarification Act

Print PDFShare
December 27, 2010

On December 18, 2010, President Obama signed into law the “Red Flag Program Clarification Act of 2010," which modifies the Federal Trade Commission’s (FTC) Red Flags Rule. The Red Flags Rule was promulgated by the FTC under the Fair and Accurate Credit Transition Act of 2003. It requires financial institutions and entities considered “creditors” to establish a written “Identify Theft Prevention Program,” designed to prevent and detect the warning signs associated with identity theft.  The Red Flags Rule came under serious scrutiny due to the overreaching definition of a creditor, which would place significant burdens on businesses across the nation. 

Recognizing this, the FTC delayed implementation of the Red Flags Rule five times to allow for Congressional clarification. Answering the call, on November 30 the Senate unanimously passed the “Red Flag Program Clarification Act of 2010” (S. 3987), and on December 7 the House of Representatives followed suit.  The legislation clarifies Congress’ intent that lawyers, accountants, health care and other service providers generally not be classified as “creditors” for the purposes of the Red Flags Rule. Specifically, the new legislation exempts from the rule any entity that "advances funds on behalf of a person for expenses incidental to a service provided by the creditor to that person."

The Red Flags Rule, as modified by the Red Flag Program Clarification Act of 2010, will go into effect on December 31, 2010.

Briggs' Privacy, Data Security and Cybersecurity group advises and represents clients on a wide range of issues pertaining to the privacy and security of information including, data protection; privacy-related litigation; security breaches; personal health information; drafting policies, authorizations and consents; privacy training; social security numbers; client confidentiality issues; and the Do Not Call Registry. Please contact a member of the Privacy and Data Security Group for further information.