LifeLock Blog

According to a recent published survey done by the Bureau of Justice Statistics (BJS) 11.7 million people have become victims of identity theft, which represents about 5% of the US population 16 years and older. The survey also stated that the total financial losses due to identity theft were more than $17 billion.

Of the 11.7 million identity theft victims 6.2 million of them experienced the unauthorized use or attempted use of an existing credit card account. This is the most common from of identity theft due to how easy it is to steal someone’s credit card and use it. 4.4 million people experienced misuse or attempted misuse of a banking account, which also includes debit, checking or savings accounts. 1.7 million people had their information used to open new accounts and still another 618,900 people had their information used to commit crimes such as fraudulently obtaining medical care or government benefits or providing false information to law enforcement during a crime or traffic stop.

23% of people affected by identity theft suffered out of pocket expenses, with the average loss being $1,870. 1/3 of people affected by identity theft spend upwards of a month cleaning up the mess caused by it.

All these statistics are a little disheartening, but it’s not all bad. The Red Flag laws are finally going to stick and be enforced and local and federal police are more aware and prepared to combat identity theft as well. The facial recognition systems used to identity duplicate drivers license applicants is a good step in the right direction as well. Of course great tools like LifeLock are always there to protect you encase of an identity theft. As thieves become more cunning and inventive lets just hope law enforcement and companies like LifeLock do as well.

The Red Flag Laws that took effect on Jan. 1, 2008, where supposed to require businesses that handle credit to adopt written plans to identify, detect, monitor and respond to potential instances of identity theft. The enforcement deadline was set for a reasonable Nov.1, 2008, but the FTC as postponed the enforcement several times to allow business time to comply.

The first time the laws were delayed was to May 1, 2009. Then the FTC backed it up to August 1, 2009, and then Nov. 1, 2009, and then again to June 1, 2010 ,and then finally Jan. 1, 2011 were the FTC says it will finally be enforced.

One of the reasons for the delays were because of several groups petitioning the FTC for more time to comply. Other delays were because of several members of congress trying to narrow the scope of the law.

Several professions have already worked their way out of the Red Flag Laws including lawyers, health care providers, and physicians. Also under the new clarification act any businesses that allows deferred payments for expenses incidental to a service is now not considered to be a creditor and is exempt from the Red Flag laws as well. So it seems there’s not a whole lot of businesses left to comply mainly car dealerships from what I have read.  Oh well, at least they aren’t going to move the deadline back again it was starting to get ridiculous.

who are the red flag laws for anyway? I know the regulation says creditors and that was supposed to include health care providers, attorneys, doctors, hospitals, and anyone who allows people to deffer payments. I’m sure they meant to include them in the regulations to make their professions less likely to be used and abused by identity thieves. It seems the attorneys and health care providers as well as other who  permit payment to be deferred have been left off the hook.  Pending litigation by the American Medical Association and other physician organizations has all but gotten them exempt as well. So who are these laws for anyway?

What follows is the new clarification as to what a creditor means.

SECTION 1. SHORT TITLE.

This Act may be cited as the `Red Flag Program Clarification Act of 2010′.

SEC. 2. SCOPE OF CERTAIN CREDITOR REQUIREMENTS.

(a) Amendment to FCRA- Section 615(e) of the Fair Credit Reporting Act (15 U.S.C. 1681m(e)) is amended by adding at the end the following:

`(4) DEFINITIONS- As used in this subsection, the term `creditor’–

`(A) means a creditor, as defined in section 702 of the Equal Credit Opportunity Act (15 U.S.C. 1691a), that regularly and in the ordinary course of business–

`(i) obtains or uses consumer reports, directly or indirectly, in connection with a credit transaction;

`(ii) furnishes information to consumer reporting agencies, as described in section 623, in connection with a credit transaction; or

`(iii) advances funds to or on behalf of a person, based on an obligation of the person to repay the funds or repayable from specific property pledged by or on behalf of the person;

`(B) does not include a creditor described in subparagraph (A)(iii) that advances funds on behalf of a person for expenses incidental to a service provided by the creditor to that person; and

`(C) includes any other type of creditor, as defined in that section 702, as the agency described in paragraph (1) having authority over that creditor may determine appropriate by rule promulgated by that agency, based on a determination that such creditor offers or maintains accounts that are subject to a reasonably foreseeable risk of identity theft.’

(b) Effective Date- The amendment made by this section shall become effective on the date of enactment of this Act.

Confused? Yeah so am I, not sure what all that says but it seems no one except for people who most likely already have identity theft detection programs active have to follow these rules. These Red Flag laws started out as a great idea, but now they a simply a job that can be fixed simply by complaining enough about them.