The Federal Trade Commission has announced yet another postponement of the effective date of its identity theft-prevention Red Flags Rule, this time from June 1, 2010 until December 31, 2010. The Rule would require a very broad range of "creditors" to develop and implement written programs to identify and respond to patterns and activities--"red flags"--that could indicate identity theft. It has been in effect for traditional financial institutions since November 1, 2008. This latest postponement came at the request of several members of Congress who, according to the FTC's press release, want time "to fix the unintended consequences of the legislation establishing the Red Flags Rule." Much of the controversy involves the scope of the Rule's coverage. Back in December 2009, for example, a federal court held that the Rule could not be applied to lawyers, and other professional groups indicated that they would make similar challenges. Given the Rule's stop-and-start history thus far, it is impossible to predict what will happen next.
For the full text of the FTC's press release, see http://www.ftc.gov/opa/2010/05/redflags.shtm.