Identity Theft Red Flags Rules

Contents

• About the Red Flags Regulations
• Federal Trade Commission Regulations
• Information from Washington State Local Governments and Organizations
• Washington Local Government Examples
• Information from State Municipal League Including Model Policies
• Information from Utility Associations
• Related Information

About the Red Flags Regulations

The Federal Trade Commission's rules on identity theft, known as "Red Flags Rules," require financial institutions, utilities, and other creditors to set up programs aimed at preventing identity theft.  Because of the definition of "creditor" in these rules, municipalities may be affected. The mandatory compliance date for this rule was originally November 1, 2008. The FTC granted a delay of enforcement of the “Red Flags” Rule through December 31 2010.  The Federal Credit Reporting Act was amended by the Red Flag Program Clarification Act of 2010 to clarify the applicability of identity theft guidelines to creditors.  (See links below)

Federal Trade Commission Regulations

• Fighting Fraud with the Red Flags Rule: A How-To Guide for Business - Federal Trade Commission Red Flags Site
• Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003 - Final Rule, published November 9, 2007 
• FTC News Release of May 28, 2010 - FTC Extends Enforcement Deadline for Identity Theft Red Flags Rule
• Red Flag Program Clarification Act of 2010,  S. 3987, signed  by President  Obama 12/18/10 - Amends  the Fair Credit Reporting Act with respect to the applicability of identity theft guidelines to creditors.
• FTC Red Flags Rules Articles
  • Agencies Issue Final Rules on Identity Theft Red Flags and Notices of Address Discrepancy - Federal Trade Commission 
  • New ‘Red Flag’ Requirements for Financial Institutions and Creditors Will Help Fight Identity Theft  - FTC Bureau of Consumer Protection,  June 2008
  • The FTAC Act - Overview: An Overview of the Final Rulemaking on Identity Theft Red Flags and Address Discrepancies (), Pavneet Singh and Tiffany George, Attorneys for Division of Privacy and Identity Protection, Federal Trade Commission
  • The “Red Flags” Rule: What Utility Companies Need to Know About Complying with New Requirements for Fighting Identity Theft (), by Tiffany George and Pavneet Singh,  Federal Trade Commission, January 2009

Information from Washington State Local Governments and Organizations

• Court of Appeals Analyzes Red Flag Program Clarification Act,  Washington Municipal Law Update, Ogden Murphy Wallace, March 2011
• Municipal Utilities and the Red Flag Program Clarification Act of 2010, Washington Municipal Law Update, Ogden Murphy Wallace, February 2011
• Memo to All Cities () from Kristin N. Eick and Phil A. Olbrechts, Ogden Murphy Wallace, October 20, 2008 Re FACTA Red Flag Guidelines and Sample Program
• Washington Association of Sewer and Water Districts  - Note each utility should review these documents with their attorney
  • Identity Theft Program () - A memo explaining the purpose and requirements of the Red Flags Rule as promulgated by the Federal Trade Commission
  • Memo () From Inslee Best to Washington Association of Sewer and Water Districts, October 7, 2008 - Compliance with FACTA Red Flags Rule; Preparation,  Adoption, and Implementation of the Identity Theft Program by November 1, 2008
  • Sample Resolution Approving and Adopting an Identity Theft Program ()

Washington Local Government Examples  

• Bothell Resolution No. 1231() - Adopts an indentity theft program, 4-08-09
• Clark County PUD Resolution No. 6889 () - Adopts an identity theft program and delegates program administration to the general manager, passed 10-08
• DuPont
  • Resolution No. 09-368 - Identy Theft Prevention Program
  • Utility Rental Authorization Form - For rental property, a copy of the rental agreement from the prospective renter, homeowner, or managing company is required. In lieu of a rental agreement, a Utility Rental Authorization Form can be completed by the owner/property manager
• Ellensburg Resolution No. 2008-40 () - Adopts the Ellensburg identity theft program, 11-17-08
• Friday Harbor Resolution No. 1681 () - Adopts an identity theft prevention program; program included, passed 11-08 
• Issaquah Resolution No. 2009-04 () - Adopts an indenty theft prevention program, 4-0-09
• La Center Resolution No. 08-303 () - Adopts identity theft prevention program for use by city sewer utility, passed 10-22-08
• Lake Forest Park Ordinance No. 997 (Draft) ()  - Council agenda item meeting of  4-23-09
• Port Angeles Resolution No.16-08 () - Adopts program to prevent identity theft, passed 10-08
• Sequim Resolution No. 2009-05 () - Adopts an identity theft policy, passed 4-27-09
• Yakima Resolution No. 2009-08 () - Adopts program to prevent identity theft, passed 1-20-09

Information from State Municipal Leagues and Organizations Including Model Policies

• California Society of Municipal Finance Officers - "Red Flag" Identity Theft Program - Documents - Includes Roseville, CA
• North Carolina Municipal League -  Memo RE: Identity Theft Prevention Programs/Red Flag Rules () - Important Information on New Federal Requirements for Municipalities, Memo to Managers, Administrators, Clerks, Attorneys, Finance Officers, from Andrew L. Romanet, Jr., General Counsel, and John M. Phelps, II, Senior Assistant General Counsel, September 4, 2008
• Tennessee Municipal Technical Advisory Service (MTAS) - Model Identity Theft Policy and FACTA Compliance, by Josh Jones, MTAS Legal Consultant
  
  • Model Identity Theft Policy and Adopting Resolution () 
  • Model Identity Theft Policy and FACTA Compliance ()

Information from Utility Associations (Non Washington)

• AWWA Red Flag Template () - American Water Works Association 
• Kansas Rural Water Association - Red Flag Rules Update: Do water utilities have to comply?
• National Rural Water Association - Identity Theft Prevention Program Compliance Model (), September 29, 2008
• Tennessee Association of Utility Districts - Model Red Flags Rule Program: Identity Theft Prevention Program (),  by John Shadwick, August 31, 2008

Related Information

• New Regulations Mandating Identity Theft Prevention Programs and Address Discrepancies and Change Requests (), by Holly K. Towle, CCH Guide to Computer Law, Number 315,  2007 -  Posted with permission on K & L Gates Website Licensing and E-merging Commerce : Newsstand