FTC ISSUES FINAL IDENTITY THEFT DEFINITIONS, ACTIVE DUTY ALERT AND PROOF OF IDENTITY REGULATIONS
The Federal Trade Commission (FTC) has issued final rules under the Fair and Accurate Credit Transactions Act (FACTA), which amends the Fair Credit Reporting Act, regarding (i) further definition of the terms “identity theft” and “identity theft report,” (ii) the duration of active duty alerts and (iii) the appropriate proof of identity needed by consumers to block fraudulent trade lines in their consumer reports, place or remove fraud or active duty alerts or obtain a file disclosure containing a truncated social security number under certain circumstances.
The final rules are substantially similar to the proposed rules issued in April 2004. “Identity theft” is defined as a fraud committed or attempted using the identifying information of another person without authority. “Identity theft report” is defined as a report that (i) alleges identity theft with as much specificity as the consumer can provide, (ii) is a copy of an official, valid report filed by the consumer with a law enforcement agency, the filing of which subjects the consumer to potential criminal penalties if false information is reported, and (iii) may include additional information or documentation that an information furnisher or consumer reporting agency reasonably requests for the purpose of verifying the alleged identity theft under certain conditions. The duration of active duty alerts for military personnel will be 12 months. Credit reporting agencies must develop and implement “reasonable requirements” for what information consumers must provide to constitute “appropriate proof of identity” for purposes of certain provisions of the FACTA.
The rules become effective on December 1, 2004.