Skip Navigation

FTC Extends Red Flags Enforcement Deadline

Bookmark and Share

For the second time in recent memory, the Federal Trade Commission (FTC) has postponed enforcement of the Red Flags Rule until August 1, 2009.  According to an FTC Commissioner, the delay will allow associations and industry groups to better prepare their constituents for compliance.  The article also reports that the FTC is sensitive to complaints that Congress wrote the rule too broadly.  The FTC has also announced that it will develop and release guidelines to help low-risk entities comply with the law.

 The Red Flags Rule requires any organization classified very broadly as a “creditor” to develop written information protection policies, identify possible points of data vulnerability and have a plan for detecting and remediating breaches when they occur.