The Federal Trade Commission’s “Red Flag Rules“, which require many municipalities and public utilities to implement guidelines for preventing and responding to identity theft, went into effect on December 31, 2010. However, legislation adopted by the Congress and signed into law by the President (S.3987), could allow some local governments and public utilities to avoid these new guidelines.
By themselves, the rules require creditors to have guidelines for preventing “foreseeable risk of identity theft” and responding to incidents of identity theft. A municipality is likely considered a creditor if it collects money for a service after that service is rendered which is of course the case with most utilities. However, taxes, as well as fees that fall under taxation such as parking tickets are not covered by this rule.
The legislation that has been adopted, known as the “Red Flag Program Clarification Act of 2010,” limits the definition of creditor and exempts a municipal service or utility if it does not, 1) obtain or use consumer reports, directly or indirectly, in connection with a credit transaction; 2) furnish information to consumer reporting agencies in connection with credit transaction; or, advance funds (as in cash) based on the recipients “obligation to repay or repayable from specific property pledged by or no behalf of the person.” Funds advanced “for expenses incidental to a service provided by the creditor to that person” are also exempt.
Please review the following sample documents and modify as appropriate for your municipality. The following are offered as samples and not model guidelines: