Identity Theft Rules, 63604-63606 [2018-26609]
Download as PDF
<![CDATA[
63604
Federal Register / Vol. 83, No. 237 / Tuesday, December 11, 2018 / Proposed Rules
VOR are VOR Federal airways V–113,
V–137, V–485.
With the planned decommissioning of
the Priest VOR, the remaining groundbased NAVAID coverage in the area is
insufficient to enable the continuity of
the affected airways. As such, proposed
modifications to V–113, V–137, and V–
485 would result in gaps in the route
structures.
To overcome the gap in V–113,
instrument flight rules (IFR) traffic
could use adjacent VOR Federal airways
V–248 and V–107 between the Paso
Robles, CA, VORTAC and the Panoche,
CA, VORTAC.
V–137 is proposed to terminate at the
Avenal, CA, VOR/DME instead of the
Salinas, CA, VORTAC (current route
termination point). Alternate course to
reach the Salinas, CA, VORTAC is to file
V–248.
V- 485 is proposed to terminate at the
Fellows, CA, VOR/DME instead of the
San Jose, CA, VOR/DME (current route
termination point). Alternate course to
reach San Jose, CA, VOR/DME is to file
V–25. Additionally, ATS route T–333 is
proposed to be extended as part of
another rulemaking action that will
mitigate the loss of V–485.
Lastly, IFR traffic could file point to
point through the affected area using
fixes that will remain in place, or
receive air traffic control (ATC) radar
vectors through the area. Visual flight
rules pilots who elect to navigate via the
airways through the affected area could
also take advantage of the adjacent VOR
Federal airways or ATC services listed
previously.
amozie on DSK3GDR082PROD with PROPOSALS1
The Proposal
The FAA is proposing an amendment
to Title 14 Code of Federal Regulations
(14 CFR) part 71 to modify Domestic
VOR Federal Airways (V–113, V–137
and V–485). The proposed route
changes are outlined below.
V–113: V–113 currently extends
between the Morro Bay, CA, VORTAC to
the Lewistown, MT, VOR/DME. The
FAA plans to delete the segment
between the Paso Robles, CA, VORTAC
and the Panoche, CA, VORTAC causing
a gap in the route. The new route will
stop at the Paso Robles, CA, VORTAC
and resume at the Panoche, CA,
VORTAC. The unaffected portion of the
existing route will remain as charted.
V–137: V–137 currently extends
between Mexicali, Mexico via the
Imperial, CA, VORTAC to the Salinas,
CA, VORTAC. The FAA plans to delete
the segment between the Avenal, CA,
VOR/DME and the Salinas, CA,
VORTAC. The new route will end at the
Avenal, CA, VOR/DME. The unaffected
VerDate Sep<11>2014
17:07 Dec 10, 2018
Jkt 247001
portion of the existing route will remain
as charted.
V–485: V–485 currently extends
between the Ventura, CA, VOR/DME to
the San Jose, CA, VOR/DME. The FAA
plans to delete the segment between the
Fellows, CA, VOR/DME and the San
Jose, CA, VOR/DME. The new route will
end at the Fellows, CA, VOR/DME. The
unaffected portion of the existing route
will remain as charted.
Domestic VOR Federal Airways in
paragraph 6010 of FAA Order 7400.11C
dated August 13, 2018, and effective
September 15, 2018, which is
incorporated by reference in 14 CFR
71.1. The Domestic VOR Federal
Airways listed in this document will be
subsequently published in the Order.
Regulatory Notices and Analyses
The FAA has determined that this
proposed regulation only involves an
established body of technical
regulations for which frequent and
routine amendments are necessary to
keep them operationally current. It,
therefore: (1) Is not a ‘‘significant
regulatory action’’ under Executive
Order 12866; (2) is not a ‘‘significant
rule’’ under Department of
Transportation (DOT) Regulatory
Policies and Procedures (44 FR 11034;
February 26, 1979); and (3) does not
warrant preparation of a regulatory
evaluation as the anticipated impact is
so minimal. Since this is a routine
matter that will only affect air traffic
procedures and air navigation, it is
certified that this proposed rule, when
promulgated, will not have a significant
economic impact on a substantial
number of small entities under the
criteria of the Regulatory Flexibility Act.
Environmental Review
This proposal will be subject to an
environmental analysis in accordance
with FAA Order 1050.1F,
‘‘Environmental Impacts: Policies and
Procedures’’ prior to any FAA final
regulatory action.
List of Subjects in 14 CFR Part 71
Airspace, Incorporation by reference,
Navigation (air).
The Proposed Amendment
In consideration of the foregoing, the
Federal Aviation Administration
proposes to amend 14 CFR part 71 as
follows:
PART 71—DESIGNATION OF CLASS A,
B, C, D, AND E AIRSPACE AREAS; AIR
TRAFFIC SERVICE ROUTES; AND
REPORTING POINTS
1. The authority citation for part 71
continues to read as follows:
■
PO 00000
Frm 00011
Fmt 4702
Sfmt 4702
Authority: 49 U.S.C. 106(f), 106(g); 40103,
40113, 40120; E.O. 10854, 24 FR 9565, 3 CFR,
1959–1963 Comp., p. 389.
§ 71.1
[Amended]
2. The incorporation by reference in
14 CFR 71.1 of FAA Order 7400.11C,
Airspace Designations and Reporting
Points, dated August 13, 2018 and
effective September 15, 2018, is
amended as follows:
■
Paragraph 6010(a)
Airways
Domestic VOR Federal
V–113 (Amended)
From Morro Bay, CA; to Paso Robles, CA.
From Panoche, CA; to Linden, CA; INT
Linden 046°(T) 029°(M) and Mustang, NV,
208°(T) 192°(M) radials; Mustang; 42 miles,
24 miles, 115 MSL, 95 MSL, Sod House, NV;
67 miles, 95 MSL, 85 MSL, Rome, OR; 61
miles, 85 MSL, Boise, ID; Salmon, ID;
Coppertown, MT; Helena, MT; to Lewistown,
MT.
*
*
*
*
*
V–137 (Amended)
From Mexicali, Mexico; via Imperial, CA;
INT Imperial 350°(T) 336°(M) and Thermal,
CA 144°(T) 131°(M) radials; Palm Springs,
CA; Palmdale, CA; Gorman, CA; Avenal, CA.
The airspace within Mexico is excluded.
*
*
*
*
*
V–485 (Amended)
From Ventura, CA; to Fellows, CA. The
airspace within W–289 and R–2519 more
than three (3) statute miles west of the airway
centerline and the airspace within R–2519
below 5,000 feet MSL is excluded.
Issued in Washington, DC, on December 3,
2018.
Rodger A. Dean Jr.,
Manager, Airspace Policy Group.
[FR Doc. 2018–26679 Filed 12–10–18; 8:45 am]
BILLING CODE 4910–13–P
FEDERAL TRADE COMMISSION
16 CFR Part 681
RIN 3084–AB50
Identity Theft Rules
Federal Trade Commission.
Request for public comment.
AGENCY:
ACTION:
The Federal Trade
Commission (‘‘FTC’’ or ‘‘Commission’’)
requests public comment on its Identity
Theft Rules. The Commission is
soliciting comment as part of the FTC’s
systematic review of all current
Commission regulations and guides.
DATES: Comments must be received on
or before February 11, 2019.
ADDRESSES: Interested parties may file a
comment online or on paper by:
• Online: Write ‘‘Identity Theft Rules,
16 CFR part 681, Project No. 188402’’ on
SUMMARY:
E:\FR\FM\11DEP1.SGM
11DEP1
Federal Register / Vol. 83, No. 237 / Tuesday, December 11, 2018 / Proposed Rules
your comment and file your comment at
https://ftcpublic.commentworks.com/
ftc/identitytheftrulesreview by following
the instructions on the web-based form.
• Paper: Write ‘‘Identity Theft Rules,
16 CFR part 681, Project No. 188402’’ on
your comment and on the envelope and
mail your comment to the following
address: Federal Trade Commission,
Office of the Secretary, 600
Pennsylvania Avenue NW, Suite CC–
5610 (Annex B), Washington, DC 20580,
or deliver your comment to the
following address: Federal Trade
Commission, Office of the Secretary,
Constitution Center, 400 7th Street SW,
5th Floor, Suite 5610 (Annex B),
Washington, DC 20024.
See the Instructions for Submitting
Comments part of the SUPPLEMENTARY
INFORMATION section below for
additional information.
FOR FURTHER INFORMATION CONTACT:
Stacy Procter, Western Region—Los
Angeles Office, Bureau of Consumer
Protection, Federal Trade Commission,
10990 Wilshire Blvd., Suite 400, Los
Angeles, CA 90024, (310) 824–4300, or
Amanda Koulousias, Division of Privacy
and Identity Protection, Bureau of
Consumer Protection, Federal Trade
Commission, 600 Pennsylvania Avenue
NW, Washington, DC 20580, (202) 326–
3334.
SUPPLEMENTARY INFORMATION:
amozie on DSK3GDR082PROD with PROPOSALS1
I. Background
The Fair and Accurate Credit
Transactions Act (‘‘FACTA’’) was
enacted in December 2003.1 Section 114
of FACTA amended section 615 of the
Fair Credit Reporting Act (‘‘FCRA’’) and
required the Commission and other
federal agencies to establish and
maintain guidelines for financial
institutions and creditors to identify
patterns, practices and activities that
might indicate identity theft.2 FACTA
also required the Commission and other
federal agencies to prescribe regulations
requiring financial institutions and
creditors to establish reasonable policies
and procedures for implementing the
established guidelines.3 In addition,
FACTA required the Commission and
other federal agencies to prescribe
regulations requiring debit and credit
1 Public Law 108–159, 117 Stat. 1952 (codified as
amended at 15 U.S.C. 1681–1681x).
2 15 U.S.C. 1681m(e)(1)(A), (e)(2). The other
federal agencies include the Federal banking
agencies, the National Credit Union Administration,
the Commodity Futures Trading Commission
(‘‘CFTC’’) and the Securities and Exchange
Commission (‘‘SEC’’). The CFTC and SEC obtained
regulatory authority in July 2010 pursuant to the
Dodd Frank Wall Street Reform and Consumer
Protection Act. Public Law 111–203, 124 Stat.
1376–2223.
3 15 U.S.C. 1681m(e)(1)(B).
VerDate Sep<11>2014
17:07 Dec 10, 2018
Jkt 247001
card issuers to validate notifications of
changes of address under certain
situations.4
In November 2007, the Commission
and banking agencies published final
rules and guidelines implementing the
red flags provisions of section 615 of the
FCRA.5 These rules include the duties
regarding the detection, prevention, and
mitigation of identity theft (‘‘Red Flags
Rule’’) 6 and the duties of card issuers
regarding changes of address (‘‘Card
Issuers Rule’’) 7 (collectively, the
‘‘Identity Theft Rules’’ or ‘‘Rules’’). In
December 2010, the President signed the
Red Flag Program Clarification Act
(‘‘Clarification Act’’), which narrowed
the scope of entities covered as a
‘‘creditor’’ under the Red Flags Rule.8
The Clarification Act also empowers the
Commission and other federal agencies
to determine through rulemaking
whether any other type of creditor
should be subject to the Red Flags Rule
based on whether such creditor offers or
maintains accounts with a reasonably
foreseeable risk of identity theft.9
The Red Flags Rule requires each
‘‘financial institution’’ and ‘‘creditor’’
subject to the Commission’s
enforcement authority to periodically
determine whether it maintains
‘‘covered accounts,’’ and to develop and
maintain a written Identity Theft
Prevention Program (‘‘Program’’) to
detect, prevent and mitigate identity
theft in connection with the opening or
existence of any ‘‘covered account.’’ 10
Financial institutions or creditors that
are required to implement a Program
must administer the Program in
accordance with the Red Flags Rule,
consider the guidelines set forth in
appendix A, and include in their
Program those guidelines that are
appropriate.11 The Card Issuers Rule
requires that debit or credit card issuers
establish and implement reasonable
policies and procedures to assess the
validity of a change of address request
if, within a short period of time after
receiving the request, the card issuer
receives a request for an additional or
replacement card for the same
4 15
U.S.C. 1681m(e)(1)(C).
FR 63718.
6 16 CFR 681.1.
7 16 CFR 681.2.
8 Public Law 111–319, 124 Stat. 3457 (codified at
15 U.S.C. 1681m(e)(4)). The Clarification Act retains
the definition of ‘‘creditor’’ from section 702 of the
Equal Credit Opportunity Act (‘‘ECOA’’), 15 U.S.C.
1691a, but generally limits application of the Red
Flags Rule to ECOA creditors that engage in certain
conduct regularly and in the ordinary course of
business.
9 15 U.S.C. 1681m(e)(4)(C).
10 16 CFR 681.1(c)–(d).
11 16 CFR 681.1(e)–(f).
5 72
PO 00000
Frm 00012
Fmt 4702
Sfmt 4702
63605
account.12 The Card Issuers Rule further
prohibits a card issuer from issuing an
additional or replacement card until it
has (1) notified the cardholder of the
request and provided a reasonable
means for the cardholder to promptly
report an incorrect address change, or
(2) otherwise assessed the validity of the
address change.13 Card issuers within
the FTC’s jurisdiction include, for
example, state credit unions, general
retail merchandise stores, colleges and
universities, and telecoms.
II. Regulatory Review of the Identity
Theft Rules
The Commission periodically reviews
all of its rules and guides. These reviews
seek information about the costs and
benefits of the agency’s rules and
guides, and their regulatory and
economic impact. The information
obtained assists the Commission in
identifying those rules and guides that
warrant modification or rescission.
Therefore, the Commission solicits
comments on, among other things, the
economic impact and benefits of the
Identity Theft Rules; possible conflict
between the Identity Theft Rules and
state, local, or other federal laws or
regulations; and the effect on the
Identity Theft Rules of any
technological, economic, or other
industry changes.
III. Issues for Comment
The Commission requests written
comment on any or all of the following
questions. These questions are designed
to assist the public and should not be
construed as a limitation on the issues
about which public comments may be
submitted. The Commission requests
that responses to its questions be as
specific as possible, including a
reference to the question being
answered, and refer to empirical data or
other evidence upon which the
comment is based whenever available
and appropriate.
A. General Issues
1. Is there a continuing need for
specific provisions of the Rules? Why or
why not?
2. What benefits have the Rules
provided to consumers? What evidence
supports the asserted benefits?
3. What modifications, if any, should
be made to the Rules to increase the
benefits to consumers?
a. What evidence supports the
proposed modifications?
12 16
13
CFR 681.2(c).
Id.
E:\FR\FM\11DEP1.SGM
11DEP1
63606
Federal Register / Vol. 83, No. 237 / Tuesday, December 11, 2018 / Proposed Rules
amozie on DSK3GDR082PROD with PROPOSALS1
b. How would these modifications
affect the costs the Rules impose on
businesses, including small businesses?
4. What significant costs, if any, have
the Rules imposed on consumers? What
evidence supports the asserted costs?
5. What modifications, if any, should
be made to the Rules to reduce any costs
imposed on consumers?
a. What evidence supports the
proposed modifications?
b. How would these modifications
affect the benefits provided by the
Rules?
6. What benefits, if any, have the
Rules provided to businesses, including
small businesses? What evidence
supports the asserted benefits?
7. What modifications, if any, should
be made to the Rules to increase their
benefits to businesses, including small
businesses?
a. What evidence supports the
proposed modifications?
b. How would these modifications
affect the costs the Rules impose on
businesses, including small businesses?
c. How would these modifications
affect the benefits to consumers?
8. What significant costs, if any,
including costs of compliance, have the
Rules imposed on businesses, including
small businesses? What evidence
supports the asserted costs?
9. What modifications, if any, should
be made to the Rules to reduce the costs
imposed on businesses, including small
businesses?
a. What evidence supports the
proposed modifications?
b. How would these modifications
affect the benefits provided by the
Rules?
10. What evidence is available
concerning the degree of industry
compliance with the Rules?
11. What modifications, if any, should
be made to the Rules to account for
changes in relevant technology or
economic conditions? What evidence
supports the proposed modifications?
12. Do the Rules overlap or conflict
with other federal, state, or local laws or
regulations? If so, how?
a. What evidence supports the
asserted conflicts?
b. With reference to the asserted
conflicts, should the Rules be modified?
If so, why, and how? If not, why not?
B. Specific Issues
1. Do the guidelines in appendix A of
the Red Flags Rule need updating? If so,
what updates should be made?
a. What evidence supports the
proposed modification?
b. [Reserved]
2. The Red Flags Rule covers creditors
that regularly and in the ordinary course
VerDate Sep<11>2014
17:07 Dec 10, 2018
Jkt 247001
of business: (1) Obtain or use consumer
reports in connection with a credit
transaction; (2) furnish information to
consumer reporting agencies in
connection with a credit transaction; or
(3) advance funds to or on behalf of a
person, based on an obligation of the
person to repay the funds or repayable
from specific property pledged by or on
behalf of the person, unless the
expenses for which the funds are
advanced are incidental to a service the
creditor provides to that person. Is there
any other type of creditor that is not
subject to the Red Flags Rule that offers
or maintains accounts that are subject to
a reasonably foreseeable risk of identity
theft?
a. If so, what type of creditor and
what evidence supports that
conclusion?
b. [Reserved]
IV. Instructions for Submitting
Comments
You can file a comment online or on
paper. For the Commission to consider
your comment, we must receive it on or
before February 11, 2019. Write
‘‘Identity Theft Rules, 16 CFR part 681,
Project No. 188402’’ on the comment.
Your comment, including your name
and your state, will be placed on the
public record of this proceeding,
including, to the extent practicable, on
the public Commission website, at
https://www.ftc.gov/policy/publiccomments. As a matter of discretion, the
Commission tries to remove individuals’
home contact information from
comments before placing them on the
Commission website. Because your
comment will be made public, you are
solely responsible for making sure that
your comment does not include any
sensitive personal information, such as
a Social Security number, date of birth,
driver’s license number or other state
identification number or foreign country
equivalent, passport number, financial
account number, or payment card
number. You are also solely responsible
for making sure that your comment does
not include any sensitive health
information, such as medical records or
other individually identifiable health
information.
In addition, do not include any
‘‘[t]rade secret or any commercial or
financial information which is . . .
privileged or confidential,’’ as discussed
in Section 6(f) of the FTC Act, 15 U.S.C.
46(f), and FTC Rule 4.10(a)(2), 16 CFR
4.10(a)(2). In particular, do not include
competitively sensitive information
such as costs, sales statistics,
inventories, formulas, patterns, devices,
manufacturing processes, or customer
names.
PO 00000
Frm 00013
Fmt 4702
Sfmt 9990
If you want the Commission to give
your comment confidential treatment,
you must file it in paper form, with a
request for confidential treatment, and
you must follow the procedure
explained in FTC Rule 4.9(c), 16 CFR
4.9(c). In particular, the written request
for confidential treatment that
accompanies the comment must include
the factual and legal basis for the
request, and must identify the specific
portions of the comments to be withheld
from the public record. Your comment
will be kept confidential only if the FTC
General Counsel grants your request in
accordance with the law and the public
interest.
Postal mail addressed to the
Commission is subject to delay due to
heightened security screening. As a
result, we encourage you to submit your
comment online. To make sure that the
Commission considers your online
comment, you must file it at https://
ftcpublic.commentworks.com/ftc/
identitytheftrulesreview by following the
instructions on the web-based form. If
this document appears at https://
www.regulations.gov, you also may file
a comment through that website.
If you file your comment on paper,
write ‘‘Identity Theft Rules, 16 CFR part
681, Project No. 188402’’ on your
comment and on the envelope, and mail
your comment to the following address:
Federal Trade Commission, Office of the
Secretary, 600 Pennsylvania Avenue
NW, Suite CC–5610 (Annex B),
Washington, DC 20580, or deliver your
comment to the following address:
Federal Trade Commission, Office of the
Secretary, Constitution Center, 400 7th
Street SW, 5th Floor, Suite 5610 (Annex
B), Washington, DC 20024.
Visit the Commission website at
https://www.ftc.gov to read this
document and the news release
describing it. The FTC Act and other
laws that the Commission administers
permit the collection of public
comments to consider and use in this
proceeding as appropriate. The
Commission will consider all timely
and responsive public comments that it
receives on or before February 11, 2019.
For information on the Commission’s
privacy policy, including routine uses
permitted by the Privacy Act, see
https://www.ftc.gov/site-information/
privacy-policy.
By direction of the Commission.
Donald S. Clark,
Secretary.
[FR Doc. 2018–26609 Filed 12–10–18; 8:45 am]
BILLING CODE 6750–01–P
E:\FR\FM\11DEP1.SGM
11DEP1
]]>Agencies
[Federal Register Volume 83, Number 237 (Tuesday, December 11, 2018)]
[Proposed Rules]
[Pages 63604-63606]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-26609]
=======================================================================
-----------------------------------------------------------------------
FEDERAL TRADE COMMISSION
16 CFR Part 681
RIN 3084-AB50
Identity Theft Rules
AGENCY: Federal Trade Commission.
ACTION: Request for public comment.
-----------------------------------------------------------------------
SUMMARY: The Federal Trade Commission (``FTC'' or ``Commission'')
requests public comment on its Identity Theft Rules. The Commission is
soliciting comment as part of the FTC's systematic review of all
current Commission regulations and guides.
DATES: Comments must be received on or before February 11, 2019.
ADDRESSES: Interested parties may file a comment online or on paper by:
Online: Write ``Identity Theft Rules, 16 CFR part 681,
Project No. 188402'' on
[[Page 63605]]
your comment and file your comment at https://ftcpublic.commentworks.com/ftc/identitytheftrulesreview by following
the instructions on the web-based form.
Paper: Write ``Identity Theft Rules, 16 CFR part 681,
Project No. 188402'' on your comment and on the envelope and mail your
comment to the following address: Federal Trade Commission, Office of
the Secretary, 600 Pennsylvania Avenue NW, Suite CC-5610 (Annex B),
Washington, DC 20580, or deliver your comment to the following address:
Federal Trade Commission, Office of the Secretary, Constitution Center,
400 7th Street SW, 5th Floor, Suite 5610 (Annex B), Washington, DC
20024.
See the Instructions for Submitting Comments part of the
SUPPLEMENTARY INFORMATION section below for additional information.
FOR FURTHER INFORMATION CONTACT: Stacy Procter, Western Region--Los
Angeles Office, Bureau of Consumer Protection, Federal Trade
Commission, 10990 Wilshire Blvd., Suite 400, Los Angeles, CA 90024,
(310) 824-4300, or Amanda Koulousias, Division of Privacy and Identity
Protection, Bureau of Consumer Protection, Federal Trade Commission,
600 Pennsylvania Avenue NW, Washington, DC 20580, (202) 326-3334.
SUPPLEMENTARY INFORMATION:
I. Background
The Fair and Accurate Credit Transactions Act (``FACTA'') was
enacted in December 2003.\1\ Section 114 of FACTA amended section 615
of the Fair Credit Reporting Act (``FCRA'') and required the Commission
and other federal agencies to establish and maintain guidelines for
financial institutions and creditors to identify patterns, practices
and activities that might indicate identity theft.\2\ FACTA also
required the Commission and other federal agencies to prescribe
regulations requiring financial institutions and creditors to establish
reasonable policies and procedures for implementing the established
guidelines.\3\ In addition, FACTA required the Commission and other
federal agencies to prescribe regulations requiring debit and credit
card issuers to validate notifications of changes of address under
certain situations.\4\
---------------------------------------------------------------------------
\1\ Public Law 108-159, 117 Stat. 1952 (codified as amended at
15 U.S.C. 1681-1681x).
\2\ 15 U.S.C. 1681m(e)(1)(A), (e)(2). The other federal agencies
include the Federal banking agencies, the National Credit Union
Administration, the Commodity Futures Trading Commission (``CFTC'')
and the Securities and Exchange Commission (``SEC''). The CFTC and
SEC obtained regulatory authority in July 2010 pursuant to the Dodd
Frank Wall Street Reform and Consumer Protection Act. Public Law
111-203, 124 Stat. 1376-2223.
\3\ 15 U.S.C. 1681m(e)(1)(B).
\4\ 15 U.S.C. 1681m(e)(1)(C).
---------------------------------------------------------------------------
In November 2007, the Commission and banking agencies published
final rules and guidelines implementing the red flags provisions of
section 615 of the FCRA.\5\ These rules include the duties regarding
the detection, prevention, and mitigation of identity theft (``Red
Flags Rule'') \6\ and the duties of card issuers regarding changes of
address (``Card Issuers Rule'') \7\ (collectively, the ``Identity Theft
Rules'' or ``Rules''). In December 2010, the President signed the Red
Flag Program Clarification Act (``Clarification Act''), which narrowed
the scope of entities covered as a ``creditor'' under the Red Flags
Rule.\8\ The Clarification Act also empowers the Commission and other
federal agencies to determine through rulemaking whether any other type
of creditor should be subject to the Red Flags Rule based on whether
such creditor offers or maintains accounts with a reasonably
foreseeable risk of identity theft.\9\
---------------------------------------------------------------------------
\5\ 72 FR 63718.
\6\ 16 CFR 681.1.
\7\ 16 CFR 681.2.
\8\ Public Law 111-319, 124 Stat. 3457 (codified at 15 U.S.C.
1681m(e)(4)). The Clarification Act retains the definition of
``creditor'' from section 702 of the Equal Credit Opportunity Act
(``ECOA''), 15 U.S.C. 1691a, but generally limits application of the
Red Flags Rule to ECOA creditors that engage in certain conduct
regularly and in the ordinary course of business.
\9\ 15 U.S.C. 1681m(e)(4)(C).
---------------------------------------------------------------------------
The Red Flags Rule requires each ``financial institution'' and
``creditor'' subject to the Commission's enforcement authority to
periodically determine whether it maintains ``covered accounts,'' and
to develop and maintain a written Identity Theft Prevention Program
(``Program'') to detect, prevent and mitigate identity theft in
connection with the opening or existence of any ``covered account.''
\10\ Financial institutions or creditors that are required to implement
a Program must administer the Program in accordance with the Red Flags
Rule, consider the guidelines set forth in appendix A, and include in
their Program those guidelines that are appropriate.\11\ The Card
Issuers Rule requires that debit or credit card issuers establish and
implement reasonable policies and procedures to assess the validity of
a change of address request if, within a short period of time after
receiving the request, the card issuer receives a request for an
additional or replacement card for the same account.\12\ The Card
Issuers Rule further prohibits a card issuer from issuing an additional
or replacement card until it has (1) notified the cardholder of the
request and provided a reasonable means for the cardholder to promptly
report an incorrect address change, or (2) otherwise assessed the
validity of the address change.\13\ Card issuers within the FTC's
jurisdiction include, for example, state credit unions, general retail
merchandise stores, colleges and universities, and telecoms.
---------------------------------------------------------------------------
\10\ 16 CFR 681.1(c)-(d).
\11\ 16 CFR 681.1(e)-(f).
\12\ 16 CFR 681.2(c).
\13\ Id.
---------------------------------------------------------------------------
II. Regulatory Review of the Identity Theft Rules
The Commission periodically reviews all of its rules and guides.
These reviews seek information about the costs and benefits of the
agency's rules and guides, and their regulatory and economic impact.
The information obtained assists the Commission in identifying those
rules and guides that warrant modification or rescission. Therefore,
the Commission solicits comments on, among other things, the economic
impact and benefits of the Identity Theft Rules; possible conflict
between the Identity Theft Rules and state, local, or other federal
laws or regulations; and the effect on the Identity Theft Rules of any
technological, economic, or other industry changes.
III. Issues for Comment
The Commission requests written comment on any or all of the
following questions. These questions are designed to assist the public
and should not be construed as a limitation on the issues about which
public comments may be submitted. The Commission requests that
responses to its questions be as specific as possible, including a
reference to the question being answered, and refer to empirical data
or other evidence upon which the comment is based whenever available
and appropriate.
A. General Issues
1. Is there a continuing need for specific provisions of the Rules?
Why or why not?
2. What benefits have the Rules provided to consumers? What
evidence supports the asserted benefits?
3. What modifications, if any, should be made to the Rules to
increase the benefits to consumers?
a. What evidence supports the proposed modifications?
[[Page 63606]]
b. How would these modifications affect the costs the Rules impose
on businesses, including small businesses?
4. What significant costs, if any, have the Rules imposed on
consumers? What evidence supports the asserted costs?
5. What modifications, if any, should be made to the Rules to
reduce any costs imposed on consumers?
a. What evidence supports the proposed modifications?
b. How would these modifications affect the benefits provided by
the Rules?
6. What benefits, if any, have the Rules provided to businesses,
including small businesses? What evidence supports the asserted
benefits?
7. What modifications, if any, should be made to the Rules to
increase their benefits to businesses, including small businesses?
a. What evidence supports the proposed modifications?
b. How would these modifications affect the costs the Rules impose
on businesses, including small businesses?
c. How would these modifications affect the benefits to consumers?
8. What significant costs, if any, including costs of compliance,
have the Rules imposed on businesses, including small businesses? What
evidence supports the asserted costs?
9. What modifications, if any, should be made to the Rules to
reduce the costs imposed on businesses, including small businesses?
a. What evidence supports the proposed modifications?
b. How would these modifications affect the benefits provided by
the Rules?
10. What evidence is available concerning the degree of industry
compliance with the Rules?
11. What modifications, if any, should be made to the Rules to
account for changes in relevant technology or economic conditions? What
evidence supports the proposed modifications?
12. Do the Rules overlap or conflict with other federal, state, or
local laws or regulations? If so, how?
a. What evidence supports the asserted conflicts?
b. With reference to the asserted conflicts, should the Rules be
modified? If so, why, and how? If not, why not?
B. Specific Issues
1. Do the guidelines in appendix A of the Red Flags Rule need
updating? If so, what updates should be made?
a. What evidence supports the proposed modification?
b. [Reserved]
2. The Red Flags Rule covers creditors that regularly and in the
ordinary course of business: (1) Obtain or use consumer reports in
connection with a credit transaction; (2) furnish information to
consumer reporting agencies in connection with a credit transaction; or
(3) advance funds to or on behalf of a person, based on an obligation
of the person to repay the funds or repayable from specific property
pledged by or on behalf of the person, unless the expenses for which
the funds are advanced are incidental to a service the creditor
provides to that person. Is there any other type of creditor that is
not subject to the Red Flags Rule that offers or maintains accounts
that are subject to a reasonably foreseeable risk of identity theft?
a. If so, what type of creditor and what evidence supports that
conclusion?
b. [Reserved]
IV. Instructions for Submitting Comments
You can file a comment online or on paper. For the Commission to
consider your comment, we must receive it on or before February 11,
2019. Write ``Identity Theft Rules, 16 CFR part 681, Project No.
188402'' on the comment. Your comment, including your name and your
state, will be placed on the public record of this proceeding,
including, to the extent practicable, on the public Commission website,
at https://www.ftc.gov/policy/public-comments. As a matter of
discretion, the Commission tries to remove individuals' home contact
information from comments before placing them on the Commission
website. Because your comment will be made public, you are solely
responsible for making sure that your comment does not include any
sensitive personal information, such as a Social Security number, date
of birth, driver's license number or other state identification number
or foreign country equivalent, passport number, financial account
number, or payment card number. You are also solely responsible for
making sure that your comment does not include any sensitive health
information, such as medical records or other individually identifiable
health information.
In addition, do not include any ``[t]rade secret or any commercial
or financial information which is . . . privileged or confidential,''
as discussed in Section 6(f) of the FTC Act, 15 U.S.C. 46(f), and FTC
Rule 4.10(a)(2), 16 CFR 4.10(a)(2). In particular, do not include
competitively sensitive information such as costs, sales statistics,
inventories, formulas, patterns, devices, manufacturing processes, or
customer names.
If you want the Commission to give your comment confidential
treatment, you must file it in paper form, with a request for
confidential treatment, and you must follow the procedure explained in
FTC Rule 4.9(c), 16 CFR 4.9(c). In particular, the written request for
confidential treatment that accompanies the comment must include the
factual and legal basis for the request, and must identify the specific
portions of the comments to be withheld from the public record. Your
comment will be kept confidential only if the FTC General Counsel
grants your request in accordance with the law and the public interest.
Postal mail addressed to the Commission is subject to delay due to
heightened security screening. As a result, we encourage you to submit
your comment online. To make sure that the Commission considers your
online comment, you must file it at https://ftcpublic.commentworks.com/ftc/identitytheftrulesreview by following the instructions on the web-
based form. If this document appears at https://www.regulations.gov,
you also may file a comment through that website.
If you file your comment on paper, write ``Identity Theft Rules, 16
CFR part 681, Project No. 188402'' on your comment and on the envelope,
and mail your comment to the following address: Federal Trade
Commission, Office of the Secretary, 600 Pennsylvania Avenue NW, Suite
CC-5610 (Annex B), Washington, DC 20580, or deliver your comment to the
following address: Federal Trade Commission, Office of the Secretary,
Constitution Center, 400 7th Street SW, 5th Floor, Suite 5610 (Annex
B), Washington, DC 20024.
Visit the Commission website at https://www.ftc.gov to read this
document and the news release describing it. The FTC Act and other laws
that the Commission administers permit the collection of public
comments to consider and use in this proceeding as appropriate. The
Commission will consider all timely and responsive public comments that
it receives on or before February 11, 2019. For information on the
Commission's privacy policy, including routine uses permitted by the
Privacy Act, see https://www.ftc.gov/site-information/privacy-policy.
By direction of the Commission.
Donald S. Clark,
Secretary.
[FR Doc. 2018-26609 Filed 12-10-18; 8:45 am]
BILLING CODE 6750-01-P
