Updated 02/2012
Identity Theft Red Flags Rules
Contents
Introduction
The Federal Trade Commission's rules on identity theft, known as "Red Flags Rules," require financial institutions, utilities, and other creditors to set up programs aimed at preventing identity theft. Because of the definition of "creditor" in these rules, municipalities may be affected. Legal councils have advised that until the FTC revises its guidance, local governments with municipal utilities should comply with the Identity Theft Prevention Program provisions of the "Red Flag Rules." The FTC began enforcement of the "Red Flags" rule on January 1, 2011. The Federal Credit Reporting Act was amended by the Red Flag Program Clarification Act of 2010 to clarify the applicability of identity theft guidelines to creditors, however, it did not clearly include or exclude specific types of entities, such as utilities. This page provides links to federal regulations, advice given to Washington local governments, sample documents, and information provided by state leagues and national organizations to their municipal clients.
Federal Trade Commission Regulations
Advice Given to Washington State Local Governments
- Court of Appeals Analyzes Red Flag Program Clarification Act, Washington Municipal Law Update, Ogden Murphy Wallace, March 2011
- Municipal Utilities and the Red Flag Program Clarification Act of 2010, Washington Municipal Law Update, Ogden Murphy Wallace, February 2011
- Memo (
) to all cities, re: FACTA Red Flag Guidelines and Sample Program, from Kristin N. Eick and Phil A. Olbrechts, Ogden Murphy Wallace, 10/20/2008
- Washington Association of Sewer and Water Districts - Note each utility should review these documents with their attorney
- Identity Theft Program (), Washington Association of Sewer and Water Districts (WASWD) - A WASWD sample program explaining the purpose and requirements of the Red Flags Rule as promulgated by the Federal Trade Commission
- Memo () from Inslee Best to Washington Association of Sewer and Water Districts, 10/07/2008 - Compliance with FACTA Red Flags Rule; Preparation, Adoption, and Implementation of the Identity Theft Program by November 1, 2008
- Sample Resolution Approving and Adopting an Identity Theft Program ()
Washington Local Government Examples
- Clark County PUD Resolution No. 6889 () - Adopts an identity theft program and delegates program administration to the general manager, passed 10/2008
- DuPont
- Resolution No. 09-368 () - Identy Theft Prevention Program, passed 04/28/2009
- Utility Rental Authorization Form () - For rental property, a copy of the rental agreement from the prospective renter, homeowner, or managing company is required. In lieu of a rental agreement, a Utility Rental Authorization Form can be completed by the owner/property manager
- Ellensburg Resolution No. 2008-40 () - Adopts the Ellensburg identity theft program, passed 11/17/2008
- Friday Harbor Resolution No. 1681() - Adopts an identity theft prevention program; program included, passed 11/06/2008
- Issaquah Resolution No. 2009-04 () - Adopts an indenty theft prevention program, passed 04/06/2009
- La Center Resolution No. 08-303 () - Adopts identity theft prevention program for use by city sewer utility, passed 10/22/2008
- Port Angeles Resolution No.16-08 () - Adopts program to prevent identity theft, passed 10/2008
- Sequim Resolution No. 2009-05() - Adopts an identity theft policy, passed 04/27/2009
- Yakima Resolution No. 2009-08 () - Adopts program to prevent identity theft, passed 01/20/2009
Information from State Associations Including Model Policies
- AWWA Red Flag Template (), American Water Works Association
- Related Surveys: Red Flag Rule Survey, California Society of Municipal Finance Officers
- Identity Theft Prevention Program Compliance Model (), National Rural Water Association, 09/29/2008
- North Carolina Municipal League Memo (), re: Identity Theft Prevention Programs/Red Flag Rules - Important Information on New Federal Requirements for Municipalities, Memo to Managers, Administrators, Clerks, Attorneys, Finance Officers, from Andrew L. Romanet, Jr., General Counsel, and John M. Phelps, II, Senior Assistant General Counsel, 09/04/2008
- Tennessee Municipal Technical Advisory Service (MTAS) Model Identity Theft Policy and FACTA Compliance, by Josh Jones, MTAS Legal Consultant
- Update on FTC’s “Red Flag”/Identity Theft Protection Rule; Little Impact of “Red Flag Program Clarification Act of 2010” on MEUW Member Utilities (
), Municipal Electric Utilities of Wisconsin (MEUW) Memo to Members, 01/11/2011
Articles on Red Flags Rules
- Agencies Issue Final Rules on Identity Theft Red Flags and Notices of Address Discrepancy, Federal Trade Commission, 10/31/2007
- The FTAC Act - Overview: An Overview of the Final Rulemaking on Identity Theft Red Flags and Address Discrepancies (), by Pavneet Singh and Tiffany George, Attorneys for Division of Privacy and Identity Protection, Federal Trade Commission
- The "Red Flags" Rule: What Utility Companies Need to Know About Complying with New Requirements for Fighting Identity Theft (), by Tiffany George and Pavneet Singh, Federal Trade Commission, January 2009
- New Regulations Mandating Identity Theft Prevention Programs and Address Discrepancies and Change Requests (), by Holly K. Towle, CCH Guide to Computer Law, No. 315, 2007 - Posted with permission on K & L Gates Website Licensing and E-merging Commerce : Newsstand