July Short term and extended term fraud alerts, Short term and extended term active duty alerts,
|
|
- Christine Richard
- 8 years ago
- Views:
Transcription
1 FEDERAL AND STATE IDENTITY THEFT PROTECTION LAWS Elizabeth A. Huber, Esq. Hudson Cook, LLP 2361 Rosecrans Ave., Suite 355 El Segundo, CA Telephone Fax July 2004 NEW FEDERAL IDENTITY THEFT PROTECTION LAWS The Fair and Accurate Credit Transactions Act of 2003 ( FACT Act )1 brought to the national scene identity theft protection laws for all consumers. The FACT Act includes not only an indefinite extension of certain preemptions of state law that were due to sunset as of December 31, 2003, but also significant amendments to the Fair Credit Reporting Act ( FCRA )2 adding a wide array of consumer protections, many focused on identity theft protection. The notable amendments to the FCRA include: Short term and extended term fraud alerts, Short term and extended term active duty alerts, Blocking information in a consumer s credit file resulting from identity theft, Providing a Summary of Rights of Identity Theft Victims, Releasing copies of business transaction records that are the result of identity theft, and Maintaining procedures by furnishers of credit information to prevent the reintroduction of inaccurate information in a consumer s credit file. Both before and subsequent to the passage of the FACT Act, state legislatures have been busy passing state identity theft protection laws. The focus of this paper is on those federal and state civil laws aimed at protecting consumers from, and providing aid subsequent to, an identity theft.3 1 Pub. L , 117 Stat. 1952, December 4, U.S.C et seq. 3 Under the FCRA as amended by the FACT Act, the term identity theft means a fraud committed using the identifying information of another person, subject to such further definition as the Federal Trade 2004 Hudson Cook, LLP Page 1
2 ONE-CALL FRAUD ALERTS Consumers may now place a 90-day fraud alert 4 with nationwide credit reporting agencies. Section 112 of the FACT Act added new Section 605A to the FCRA. Upon the direct request of a consumer, or an individual acting on behalf of or as a personal representative of a consumer, who asserts in good faith a suspicion that the consumer has been or is about to become a victim of fraud or related crime, including identity theft,5 a consumer reporting agency ( CRA )6 that maintains a file on the consumer and has received appropriate proof of the identity of the requester must (A) Include a fraud alert in the file of that consumer, and also provide that alert along with any credit score generated in using that file, for a period of not less than 90 days, beginning on the date of such request, unless the consumer or such representative requests that such fraud alert be removed before the end of such period, and the consumer reporting agency has received appropriate proof of the identity of the requester for such purpose; and (B) Refer the information regarding the fraud alert to each of the other nationwide consumer reporting agencies, in accordance with procedures developed under section 621(f).7 In any case in which a consumer reporting agency includes a fraud alert in the file of a consumer pursuant to the foregoing procedures, the consumer reporting agency must also disclose to the consumer that he or she may request a free copy of his or her credit file, and provide to the consumer all disclosures required to be made under FCRA Section 609, without charge to the consumer, not later than three business days after any Commission ( FTC ) may prescribe, by regulation. 15 U.S.C. 1681a(q)(3), as added by Pub. L , 117 Stat. 1952, December 4, 2003, effective March 31, A fraud alert means a statement in the consumer s credit file with a credit reporting agency that notifies all prospective users of a consumer report that the consumer may be a victim of fraud, including identity theft, and is presented in a manner that facilitates a clear and conspicuous view of the statement by any person requesting such a report. 15 U.S.C. 1681a(q)(2) as added by Pub. L , 117 Stat. 1952, December 4, 2003, effective March 31, Identity Theft means a fraud committed using the identifying information of another person, subject to such further definition as the FTC may prescribe, by regulation. FCRA 603(q)(3) as added by Pub. L , 117 Stat. 1952, December 4, 2003, effective March 31, The term consumer reporting agency that compiles and maintains files on a nationwide basis means a CRA that regularly engages in the practice of assembling or evaluating, and maintaining, for the purpose of furnishing consumer reports to third parties bearing on a consumer s creditworthiness, credit standing, or credit capacity, each of the following regarding consumers residing nationwide: (1) Public record information; (2) Credit account information from persons who furnish that information regularly and in the ordinary course of business. FCRA 603(p), 15 U.S.C. 1681a(p). 7 FCRA 605A(a)(1) Hudson Cook, LLP Page 2
3 request.8 The consumer would seem to have some responsibility to review the credit report ordered to ensure that no information appears in the credit file that does not belong to the consumer. EXTENDED FRAUD ALERTS Consumers may only place an extended fraud alert on their credit file with a nationwide consumer reporting agency if they have filed an identity theft report. 9 Upon the direct request of a consumer, or an individual acting on behalf of or as a personal representative of a consumer, who submits an identity theft report to a consumer reporting agency, if the agency has received appropriate proof of the identity of the requester, the agency must (A) Include a fraud alert in the file of that consumer, and also provide that alert along with any credit score generated in using that file, during the seven-year period beginning on the date of such request, unless the consumer or such representative requests that such fraud alert be removed before the end of such period and the agency has received appropriate proof of the identity of the requester for such purpose; (B) During the five-year period beginning on the date of such request, exclude the consumer from any list of consumers prepared by the consumer reporting agency and provided to any third party to [make a firm] offer credit or insurance to the consumer as part of a transaction that was not initiated by the consumer, unless the consumer or such representative requests that such exclusion be rescinded before the end of such period; and (C) Refer the information regarding the extended fraud alert to each of the other nationwide consumer reporting agencies.10 8 FCRA 605A(a)(2). Section 211 of the FACT Act adds a new subsection (d), Free Disclosures in Connection with Fraud Alerts, to Section 612 of the FCRA. Upon the request of a consumer, a nationwide consumer reporting agency must make all disclosures pursuant to FCRA Section 609, without charge to the consumer. 9 Identity Theft Report has the meaning given that term by rule of the Commission, and means, at a minimum, a report (A) that alleges an identity theft; (B) that is a copy of an official, valid report filed by a consumer with an appropriate Federal, State, or local law enforcement agency, including the United States Postal Inspection Service, or such other government agency deemed appropriate by the Commission; and (C) the filing of which subjects the person filing the report to criminal penalties relating to the filing of false information if, in fact, the information in the report is false. FCRA 603(q)(4), as added by Pub. L , 117 Stat. 1952, December 4, 2003, effective March 31, FCRA 605A(b)(1) Hudson Cook, LLP Page 3
4 As is the case with the one-call, 90-day fraud alert, a consumer has a right to obtain a free credit report. In any case in which a consumer reporting agency includes a fraud alert in the file of a consumer, the consumer reporting agency must disclose to the consumer that the consumer may request two free copies of his or her credit file during the 12-month period beginning on the date on which the extended fraud alert was included in the files; and provide to the consumer all disclosures required to be made under FCRA Section 609, without charge to the consumer, not later than three business days after any request.11 ACTIVE DUTY ALERTS The process for active duty alerts 12 works similarly to that for one-call and extended fraud alerts, discussed above. Upon the direct request of an active duty military consumer or an individual acting on behalf of or as a personal representative of an active duty military consumer, a nationwide consumer reporting agency that maintains a file on the active duty military consumer and has received appropriate proof of the identity of the requester must: (A) Include an active duty alert in the file of that active duty military consumer, and also provide that alert along with any credit score generated in using that file, during a period of not less than 12 months, or such longer period as the Commissioner shall determine, by regulation, beginning on the date of the request, unless the active duty military consumer or such representative requests that such fraud alert be removed before the end of such period, and the agency has receive appropriate proof of the identity of the requester for such purpose; (B) During the two-year period beginning on the date of request for an active duty alert, exclude the active duty military consumer from any list of consumers prepared by the consumer reporting agency and provided to any third party to [make a firm] offer of credit or insurance to the consumer as part of a transaction that was not initiated by the consumer, unless the consumer requests that such exclusion be rescinded before the end of such period; and (C) Refer the information regarding the active duty alert to each of the other nationwide consumer reporting agencies FCRA 605A(b)(2). 12 Active Duty Alert means a statement in the file of a consumer that (A) notifies all prospective users of a consumer report relating to the consumer that the consumer is an active duty military consumer; and (B) is presented in a manner that facilitates a clear and conspicuous view of the statement described in (A) by any person requesting such consumer report. FCRA 603(q)(2), as added by Pub. L , 117 Stat. 1952, December 4, 2003, effective March 31, FCRA 605A(c) Hudson Cook, LLP Page 4
5 PROCEDURES, NOTIFICATION, DISCLOSURES AND VERIFICATION Each nationwide consumer reporting agency14 must establish policies and procedures (1) to comply with the foregoing one-call and extended fraud alerts and active duty alerts, and (2) that allow consumers and active duty military consumers to request initial, extended, or active duty alerts in a simple and easy manner, including by telephone.15 What about consumer credit reporting agencies other than nationwide consumer reporting agencies? If a consumer contacts any consumer reporting agency that is not a nationwide consumer reporting agency to communicate a suspicion that the consumer has been or is about to become a victim of fraud or related crime, including identity theft, the agency must provide information to the consumer on how to contact the FTC and the nationwide consumer reporting agencies to obtain more detailed information and request alerts under this section.16 Resellers17 of credit file information also have responsibilities under this new section. A reseller must include in its consumer credit report any fraud alert or active duty alert placed in the consumer s file by another consumer reporting agency.18 Each fraud alert and active duty alert reported in or with a credit report by a consumer reporting agency must include information that notifies all prospective users that the consumer does not authorize the establishment of any new credit plan19 or extension of credit, other than under an existing open-end credit plan, in the name of the consumer, or issuance of an additional card on an existing credit account requested by a consumer, or any increase in credit limit on an existing credit account requested by a consumer, except in accordance with certain verification procedures.20 In connection with extended fraud alerts and active duty alerts, the consumer reporting agency must 14 See footnote FCRA 605A(d). 16 FCRA 605A(g). 17 Reseller means a consumer reporting agency that (1) assembles and merges information contained in the database of another consumer reporting agency or multiple consumer reporting agencies concerning any consumer for purposes of furnishing such information to any third party, to the extent of such activities; and (2) does not maintain a database of the assembled or merged information from which new consumer reports are produced. FCRA 603(u), as added by Pub. L , 117 Stat. 1952, December 4, 2003, effective March 31, FCRA 605A(f). 19 New credit plan means a new account under an open-end credit plan (as defined in section 103(i) of the Truth in Lending Act) or a new credit transaction not under an open-end credit plan. FCRA 603(q)(5), as added by Pub. L , 117 Stat. 1952, December 4, 2003, effective March 31, FCRA 605A(h)(1)(A), (2)(A) Hudson Cook, LLP Page 5
6 also include in the consumer report to a user a telephone number or other reasonable contact method designated by the consumer.21 No prospective user of a consumer report that includes an initial fraud alert or an active duty alert may establish a new credit plan or extension of credit, other than under an exiting open-end credit plan, in the name of the consumer, or issue an additional card on an existing credit account requested by a consumer, or grant any increase in credit limit on an existing credit account requested by a consumer, unless the user utilizes reasonable policies and procedures to form a reasonable belief that the user knows the identity of the person making the request. If a consumer requesting the alert has specified a telephone number to be used for identity verification purposes, before authorizing any new credit plan or extension, a user of such consumer report must contact the consumer using that telephone number, or take reasonable steps to verify the consumer s identity and confirm that the application for a new credit plan is not the result of identity theft.22 No prospective user of a consumer report or of a credit score generated using the information in the file of a consumer that includes an extended fraud alert may establish a new credit plan or extension of credit, other than under an existing open-end credit plan, or issue an additional card on an existing credit account requested by a consumer, or any increase in credit limit on an existing credit account requested by a consumer, unless the user contacts the consumer in person or using the contact method provided by the consumer to confirm that the application for a new credit plan or increase in credit limit, or request for an additional card is not the result of identity theft.23 BLOCKING INFORMATION IN A CONSUMER CREDIT REPORT Section 152 of the FACT Act added to the FCRA the ability of the consumer to block information in a credit file that resulted from identity theft, thereby helping consumers recover their good credit standing. A consumer reporting agency must block the reporting of any information in the file of a consumer that the consumer identifies as information that resulted from an alleged identity theft, not later than four business days after the date of receipt of such consumer reporting agency of -- (1) Appropriate proof of the identity of the consumer; (2) A copy of an identity theft report; (3) The identification of such information by the consumer; and 21 FCRA 605(h)(2)(A). 22 FCRA 605A(h)(1)(B). 23 FCRA 605A(h)(2)(B) Hudson Cook, LLP Page 6
7 (4) A statement by the consumer that the information is not information relating to any transaction by the consumer.24 A consumer reporting agency must promptly notify the furnisher of information identified by the consumer that the information may be the result of identity theft, that an identity theft report has been filed, that a block has been requested under FCRA Section 605B, and of the effective dates of the block.25 PREEMPTION AND STATE BLOCKING PROVISIONS Existing provisions in California Civil Code Section contain instructions on blocking and unblocking credit files upon submission of a police report or investigative report from the California Department of Motor Vehicles that the consumer 24 FCRA 605B(a). A federal, state, or local law enforcement agency may access blocked information in a consumer file for which the agency could otherwise obtain access. FCRA 605B(f). 25 FCRA 605B(b). 26 If a consumer submits to a credit reporting agency a copy of a valid police report, or a valid investigative report made by a Department of Motor Vehicles investigator with peace officer status, filed pursuant to Section of the Penal Code, the consumer credit reporting agency shall promptly and permanently block reporting any information that the consumer alleges appears on his or her credit report as a result of a violation of Section of the Penal Code so that the information cannot be reported. The consumer credit reporting agency shall promptly notify the furnisher of the information that the information has been so blocked. Furnishers of information and consumer credit reporting agencies shall ensure that information is unblocked only upon a preponderance of the evidence establishing the facts required under paragraph (1), (2), or (3). The permanently blocked information shall be unblocked only if: (1) the information was blocked due to a material misrepresentation of fact by the consumer or fraud, or (2) the consumer agrees that the blocked information, or portions of the blocked information, were blocked in error, or (3) the consumer knowingly obtained possession of goods, services, or moneys as a result of the blocked transaction or transactions or the consumer should have known that he or she obtained possession of goods, services, or moneys as a result of the blocked transaction or transactions. If blocked information is unblocked pursuant to this subdivision, the consumer shall be promptly notified in the same manner as consumers are notified of the reinsertion of information pursuant to subdivision (c). The prior presence of the blocked information in the consumer credit reporting agency's file on the consumer is not evidence of whether the consumer knew or should have known that he or she obtained possession of any goods, services, or moneys. For the purposes of this subdivision, fraud may be demonstrated by circumstantial evidence. In unblocking information pursuant to this subdivision, furnishers and consumer credit reporting agencies shall be subject to their respective requirements pursuant to this title regarding the completeness and accuracy of information. Cal. Civ. Code (k). In unblocking information as described in subdivision (k), a consumer reporting agency shall comply with all requirements of this section and 15 U.S.C. Sec. 1681i relating to reinvestigating disputed information. In addition, a consumer reporting agency shall accept the consumer's version of the disputed information and correct or delete the disputed item when the consumer submits to the consumer reporting agency documentation obtained from the source of the item in dispute or from public records confirming that the report was inaccurate or incomplete, unless the consumer reporting agency, in the exercise of good faith and reasonable judgment, has substantial reason based on specific, verifiable facts to doubt the authenticity of the documentation submitted and notifies the consumer in writing of that decision, explaining its reasons for unblocking the information and setting forth the specific, verifiable facts on which the decision was based. Cal. Civ. Code (l) Hudson Cook, LLP Page 7
8 has been the subject of identity theft. Section is specifically carved out of preemption under subsection (b)(3) of FCRA Section 625. Several states have recently adopted consumer blocking procedures. Because these state laws have not been specifically carved out from the preemptions under FCRA Section 625, these laws will no longer be effective when the federal regulations become effective for FCRA Section 605B later in See Other State Identity Theft Protection Laws, infra. DECLINING TO BLOCK; RESCINDING OR CANCELING A BLOCK Under the new blocking provisions of the FCRA, a consumer reporting agency may decline to block, or may rescind any block, of information relating to a consumer, if the consumer reporting agency reasonably determines that: The information was blocked in error or a block was requested by the consumer in error; the information was blocked, or a block was requested by the consumer, on the basis of a material misrepresentation of fact by the consumer relevant to the request to block; or the consumer obtained possession of goods, services, or money as a result of the blocked transaction or transactions.28 If a block of information is declined or rescinded, the affected consumer must be notified promptly, in the same manner that pertains to notice to consumers upon reinsertion of disputed information.29 RESELLERS AND CHECK VERIFICATION COMPANIES The requirements to block a consumer s credit file, or portion thereof, alleged to be the result of identity theft, does not apply to a consumer reporting agency, if the consumer reporting agency is a reseller, and at the time the consumer makes a request, is not furnishing or reselling a consumer report concerning the information identified by the consumer, and the consumer reporting agency informs the consumer that the he or she may report the identity theft to the FTC to obtain consumer information regarding identity theft.30 The sole obligation of a reseller that actually has a credit file on the consumer is to block the consumer report maintained by it from any subsequent use if the consumer identifies information in the file that resulted from identity theft. In carrying out its obligation to block the file, the reseller must promptly provide a notice to the consumer of the decision to block the file. The notice sent by the reseller must contain the name, address, and telephone number of each consumer reporting agency from which the consumer information was obtained for resale See 16 CFR 602.1(c); 69 Fed. Reg. 6526, 6531, Feb. 11, FCRA 605B(c)(1). 29 FCRA 605B(c)(2). The provisions for notice upon reinsertion of disputed information are at FCRA 611(a)(5)(B). 30 FCRA 605B(d)(1). 31 FCRA 605B(d)(2) Hudson Cook, LLP Page 8
9 With certain limited exceptions, the requirements to block a consumer s credit file, or portion thereof, alleged to be the result of identity theft, also do not apply to a check services company, acting as such, which issues authorizations for the purpose of approving or processing negotiable instruments, electronic funds transfers, or similar methods of payments. In any case, beginning four business days after receipt of a request to block the information, a check services company must not report to a nationwide consumer reporting agency any information identified in the subject identity theft report as resulting from identity theft.32 DUTIES OF FURNISHERS OF INFORMATION AND NOTIFICATION OF IDENTITY THEFT A person that furnishes information to any consumer reporting agency must have in place reasonable procedures to respond to any notification that it receives from a consumer reporting agency under FCRA Section 605B relating to information resulting from identity theft, to prevent that person from refurnishing such blocked information.33 If a consumer submits an identity theft report to a person who furnishes information to a consumer reporting agency at the address specified by that person for receiving such reports, and states that information maintained by such person that purports to relate to the consumer resulted from identity theft, the person may not furnish such information to any consumer reporting agency, unless the person subsequently knows or is informed by the consumer that the information is correct.34 The provisions of California Civil Code Section concerning the requirement that a consumer credit reporting agency maintain procedures to prevent the reintroduction of information that has been deleted because of its origin in a transaction entered into as a result of an identity thief35 are not preempted by the federal FCRA, because such provisions are specifically carved out under subsection (b)(3) of FCRA Section FCRA 605B(e). 33 FCRA 623(a)(6)(A). 34 FCRA 623(a)(6)(B). 35 Cal. Civ. Code (i) Hudson Cook, LLP Page 9
10 SUMMARY OF RIGHTS OF VICTIMS Section 152 of the FACT Act has added new subsection (d), Summary of Rights of Identity Theft Victims, to Section 609 of the FCRA. The FTC, in consultation with the Federal banking agencies and the National Credit Union Administration, are required to prepare a model summary of rights of consumers with respect to the procedures for remedying the effects of fraud or identity theft involving credit, an electronic fund transfer, or an account or transaction at or with a financial institution or other creditor.36 If a consumer contacts a consumer reporting agency and expresses a belief that he or she is a victim of identity theft involving credit, an electronic fund transfer, or an account or transaction at a financial institution or other creditor, a consumer reporting agency must provide to a consumer, beginning 60 days after the date on which the model summary of rights is released in final form, a summary of rights that contains all of the information required by the regulations.37 COPIES OF BUSINESS RECORDS FROM FRAUDULENT TRANSACTIONS Section 152 of the FACT Act also added subsection (e), Information Available to Victims, to Section 609 of the FCRA. For the purpose of documenting fraudulent transactions resulting from identity theft, not later than 30 days after the date of receipt of a request from a victim in accordance with specified procedures, and subject to verification of the identity of the victim and the claim of identity theft, a business entity that has: provided credit to, provided for consideration products, goods, or services to, accepted payment from, or otherwise entered into a commercial transaction for consideration with, a person who has allegedly made unauthorized use of the victim s identity, must provide a copy of application and business transaction records in the control of the business entity, whether maintained by the business entity or by another person on behalf of the business entity, evidencing any transaction alleged to be a result of identity theft to the victim, any federal, state, or local government law enforcement agency or officer specified by the victim in such a request, or any law enforcement agency investigating the identity theft and authorized by the victim to take receipt of records provided under this subsection FCRA 609(d)(1). 37 FCRA 609(d)(2). 38 FCRA 609(e) Hudson Cook, LLP Page 10
11 PROHIBITION ON SALE OR TRANSFER OF DEBT One of the more onerous provisions dealing with the new identity theft provisions in FCRA is what happens to a transaction after it has been identified as the being initiated in connection with an identity theft of a consumer. A new provision has been added to the FCRA to prohibit the sale, transfer for consideration, or placement for collection of a debt when the holder thereof has been notified under the transaction has resulted from identity theft. However, the repurchase of a debt in any case in which the assignee of the debt requires such repurchase because the debt has resulted from identity theft is permitted, as is the securitization of a debt or the pledging of a portfolio of debt as collateral in connection with a borrowing or the transfer of debt as a result of a merger, acquisition, purchase and assumption transaction, or transfer of substantially all of the assets of an entity.39 California Civil Code restricting the sale of consumer debts identified to be the result of identity theft is preempted by the FCRA.41 RED-FLAG GUIDELINES The Federal banking agencies, the National Credit Union Administration, and the FTC must promulgate guidelines ( red-flag guidelines ) for use by certain banking agencies, the National Credit Union Administration and others subject to the jurisdiction of the FTC regarding identity theft with respect to those financial institutions account holders and customers.42 In so doing, the agencies must: (A) Prescribe regulations requiring each financial institution and each creditor to establish reasonable policies and procedures for implementing the guidelines, to identify possible risks to account holders or customers or to the safety and soundness of the institution or customers; and 39 FCRA 615(f). 40 Cal. Civ. Code (a) No creditor may sell a consumer debt to a debt collector, as defined in 15 U.S.C. Sec. 1692a, if the consumer is a victim of identity theft, as defined in Section , and with respect to that debt, the creditor has received notice pursuant to subdivision (k) of Section (b) Subdivision (a) does not apply to a creditor s sale of a debt to a subsidiary or affiliate of the creditor, if, with respect to that debt, the subsidiary or affiliate does not take any action to collect the debt. (c) For the purposes of this section, the requirement in 15 U.S.C. 1692a, that a person must use an instrumentality of interstate commerce or the mails in the collection of any debt to be considered a debt collector, does not apply. 41 FCRA 625(b)(5)(F). 42 FCRA 615(e)(1) Hudson Cook, LLP Page 11
12 (B) Prescribe regulations applicable to card issuers to ensure that, if a card issuer receives notification of a change of address for an existing account, and within a short period of time43 receives a request for an additional or replacement card for the same account, the card issuer may not issue the additional or replacement card, unless the card issuer, in accordance with reasonable policies and procedures (i) notifies the cardholder of the request at the former address of the cardholder and provides to the cardholder a means of promptly reporting incorrect address changes; (ii) notifies the cardholder of the request by such other means of communication as the cardholder and the card issuer previously agreed to; or (iii) uses other means of assessing the validity of the change of address, in accordance with reasonable policies and procedures established by the card issuer.44 In developing the guidelines required above, the agencies must consider including provisions that when a transaction occurs with respect to a credit or deposit account that has been inactive for more than two years, the creditor or financial institution must follow reasonable policies and procedures that provide for notice to be given to a consumer in a manner reasonably designed to reduce the likelihood of identity theft with respect to such an account.45 TRUNCATION OF DEBIT CARD AND CREDIT CARD NUMBERS In connection with retail transactions with consumers, commencing December 4, 2006, no person that accepts the electronic imprinting of credit cards or debit cards for the transaction of business will be permitted to print more than the last five digits of the card number or the expiration date upon any receipt provided to the cardholder at the point of the sale or transaction.46 With respect to any cash register or other machine or device that electronically prints receipts for credit card or debit card transactions that is in use on or after January 1, 2005, the effective date of the new provision is December 4, California law47 in this regard will ultimately be preempted During at least the first 30 days after such notification is received. 44 FCRA 615(e)(1). At least a portion of Cal. Civ. Code will ultimately be preempted. FCRA 625(b)(5)(F). 45 Id. 46 FCRA 605(g). This new provision will not apply to the handwriting or imprinting of the card for the charge. 47 Cal. Civ. Code , Receipts: (a) Except as provided in this section, no person, firm, partnership, association, corporation, or limited liability company that accepts credit cards for the transaction of business shall print more than the last five digits of the credit card account number or the expiration date upon any receipt provided to the cardholder. (b) This section shall apply only to receipts that are electronically printed and shall not apply to transactions in which the sole means of recording the person s credit card number is by handwriting or by an imprint or copy of the credit card. (c) This section shall become operative on January 1, 2004, with respect to any cash register or other machine or device that electronically prints receipts for credit card transactions that is in use before January 1, (d) This section shall become operative on January 1, 2001, with respect to any cash register or other machine or device that electronically prints receipts for credit card transactions that is first put into use on or after January 1, Hudson Cook, LLP Page 12
13 DEBT COLLECTOR COMMUNICATIONS CONCERNING IDENTITY THEFT The FACT Act has added new subsection (g), Debt Collector Communications Concerning Identity Theft, to FCRA Section 615. If a person acting as a debt collector on behalf of a third party creditor or other user of a consumer report is notified that any information relating to a debt that the debt collector is attempting to collect may be fraudulent or may be the result of identity theft, the debt collector must notify the third party that the information may be fraudulent or may be the result of identity theft. Upon request of the consumer to whom the debt purportedly relates, the debt collector must provide to the consumer all information to which the consumer would otherwise be entitled if the consumer were not a victim of identity theft, but wished to dispute the debt under provisions of law applicable to that person.49 SELECTED CALIFORNIA IDENTITY THEFT PROTECTION LAWS PROVISIONS AIDING VICTIMS OF IDENTITY THEFT California s criminal law dealing with the unlawful use of personal identifying information 50 has been on the books for the past five years. That law makes it illegal for a person to willfully obtain personal identifying information of another without that person s consent and to use that information for any unlawful purpose.51 A key provision of the law gives the victim the right to obtain information without a subpoena from creditors and other service providers in order to attempt to identify the perpetrator. Effective January 1, 2004,52 the category of providers responsible for producing the records is expanded. If a person discovers that an application in his or her name for a loan, credit line or account, credit card, charge card, public utility service, mail receiving or forwarding service, office or desk space rental service, or commercial mobile radio service has been filed with any person or entity by an unauthorized person, or that an 48 Section 113 of the FACT Act added subsection (g) on credit card and debit card number truncation to FCRA Section 605. These provisions are scheduled to become effective three years after date of enactment for machines and devices in use before January 1, 2005, and one year after date of enactment for machines and devices place din use after January 1, Preemption is at FCRA 625(b)(5). 49 FCRA 615(g). 50 Personal identifying information was originally defined as the person s name, address, telephone number, driver s license number, social security number, place of employment, employee identification number, mother s maiden name, demand deposit account number, savings account number or credit card number. This definition was expensed in 2002 to include health insurance identification, taxpayer identification, school identification, checking account number, PIN or password, alien registration number, government passport number, date of birth, unique biometric data including fingerprint, facial scan identifiers, voice print, retina or iris image, or other unique physical representation, unique electronic data including identification number, address or routing code, telecommunication identifying information or access device, information from a birth or death certificate. Cal. Pen. Code 530.5(b). 51 Cal. Pen. Code Hudson Cook, LLP Page 13
14 account in his or her name has been opened with a bank, trust company, savings association, credit union, public utility, mail receiving or forwarding service, office or desk space rental service, or commercial mobile radio service provider by an unauthorized person, then, upon presenting to the person or entity with which the application was filed or the account was opened (1) a copy of the police report prepared pursuant to California Penal Code Section and (2) identifying information in the categories of information that the unauthorized person used to complete the application or to open the account, the person (or law enforcement officer specified by the person) is entitled to receive information related to the application or account. This includes the right of the victim to a obtain a copy of the application or application information and a record of transactions or charges associated with the application or account.53 The creditor or service provider may, before providing copies to a law enforcement officer, require that the victim to submit a signed and dated statement by which the victim (1) authorizes disclosure for a stated period, (2) specifies the name of the agency or department to which the disclosure is authorized, (3) identifies the types of records that the victim authorizes to be disclosed, (4) states that the victim s authorization may be revoked at any time.54 Two other bills passed in 2003 with reciprocal enactment provisions55 give rights to a victim to pursue an uncooperative creditor or service provider in connection with the records request. At the victim s request, the Attorney General, the district attorney, or the prosecuting city attorney may file a petition in court in the jurisdiction in which the victim resides to compel the attendance of the person or entity in possession of the records, and order the production of the requested records to the court. Further procedures apply.56 The definition of application as used in subdivision (a) of Penal Code Section is now defined as a new application for credit or service, the addition of authorized users to an existing account, the renewal of an existing account, or any other changes made to an existing account. 57 In addition to any other civil remedy the victim is entitled to, as a result of the creditor or service provider having failed to produce the records, the victim may bring a 52 Stats. 2003, ch. 90, A.B Expanded categories of service providers shown in italics. Cal. Pen. Code 530.8(a). 54 Cal. Pen. Code 530.8(c). 55 Both S.B. 602 and S.B. 684 contain operative provisions dependent upon the other being enacted first. Both were signed and chaptered on the same day S.B. 602 was chaptered as Chapter 533, and S.B. 684 was chaptered as Chapter 534, meaning that the amendments of S.B. 684 prevail. Since the language is identical in both bills, little, if anything, is lost in the interpretation. 56 Cal. Pen. Code 530.8(d)(1). 57 Cal. Pen. Code 530.8(e)(1) Hudson Cook, LLP Page 14
15 civil action against the creditor or service provider for damages, injunctive relief, or equitable relief, and a penalty of $100 per day for noncompliance, plus attorneys fees.58 Section of the Penal Code, and similar provisions in Section applicable to credit card issuers, Financial Code Section 4002 applicable to supervised financial organizations, and Financial Code Section applicable to California Finance Lender licensees, will ultimately be preempted by the record production provisions of the FCRA.59 APPLICANT OR PURCHASER VERIFICATION PROCEDURES In an effort to stem the flow of merchandise, including automobiles, into the hands of perpetrators using false identification, an ambitious verification procedure was adopted effective January 1, 2002, that required any person who uses a consumer credit report in connection with a credit transaction, and who discovered that the address on the consumer credit report did not match the address of the consumer requesting or being offered credit, to take specific steps to communicate to the person whose information was being unlawfully used.60 The law was amended in September to clarify the requirements for verification, and to add some additional responsibilities for creditors. Any person who uses a consumer credit report in connection with the approval of credit based on an application for an extension of credit, and who discovers that the address on the credit application does not match, within a reasonable degree of certainty, the address or addresses listed on the consumer credit report, must take reasonable steps to verify the accuracy of the address provided on the application to confirm that the extension of credit is not the result of identity theft Cal. Pen. Code 530.8(d)(2). 59 FCRA 625(b)(3). 60 Cal. Civ. Code (a). 61 Stats. 2002, ch These provisions may only be partially preempted by amendments to the FCRA made by the FACT Act. See FCRA 625(b)(3). The FACT Act Section 315 added a similar provision to the FACT 605(h): Notice of Discrepancy in Address. -- In General. If a person has requested a consumer report relating to a consumer from a consumer reporting agency described in section 603(p), the request includes an address for the consumer that substantially differs from the addresses in the file of the consumer, and the agency provides a consumer report in response to the request, the consumer reporting agency shall notify the requester of the existence of the discrepancy. (2) Regulations. (A) Regulations Required. The Federal banking agencies, the National Credit Union Administration, and the Commission shall jointly, with respect to the entities that are subject to their respective enforcement authority under section 621, prescribe regulations providing guidance regarding reasonable policies and procedures that a user of a consumer report should employ when such user has received a notice of discrepancy under paragraph (1). (B) Policies and Procedures to be Included. The regulations prescribed under subparagraph (A) shall describe reasonable policies and procedures for use by a user of a consumer report (i) to form a reasonable believe that the user knows the identity of the person to whom the consumer report pertains; and (ii) if the user establishes a continuing relationship with the consumer, and the user regularly and in the ordinary course of 2004 Hudson Cook, LLP Page 15
16 Effective January 1, 2004,63 in addition to checking the address to match that shown on the consumer credit report, the creditor must also check the consumer s first and last name and social security number In a separate, but related, provision of the Credit Reporting Agencies Act, effective July 1, 2004, any person who uses a consumer credit report in connection with the approval of credit based on an application for an extension of credit, or with the purchase, lease or rental of goods or non-credit-related services and who receives notification of a security alert pursuant to the security alert 64 provisions, may not lend money, extend credit, or complete the purchase, lease, or rental of goods or non-creditrelated services without taking reasonable steps to verify the consumer s identity, in order to ensure that the application for an extension of credit or for the purchase, lease or rental of goods or noncredit related services is not the result of identity theft.65 If the consumer has placed a statement with the security alert in his or her credit file requesting that identity be verified by calling a specified telephone number, any person who receives that statement with the security alert in a consumer s credit file must take reasonable steps to verify the identity of the consumer by contacting the consumer using the specified telephone number prior to lending money, extending credit, or completing the purchase of the goods or services.66 The written disclosure provided by consumer credit reporting agencies to consumers in connection with their rights has been amended to take these new steps into account. The new language in the written disclosure is: Recipients of your credit report are required to take reasonable steps, including contacting you at the telephone number you may provide with your security alert, to verify your identity prior to lending money, extending credit, or completing the purchase, lease, or rental of goods or services. The security alert may prevent credit, loans, and services from being approved in your name without your consent. 67 business furnishes information to the consumer reporting agency from which the notice of discrepancy pertaining to the consumer was obtained, to reconcile the address of the consumer with the consumer reporting agency by furnishing such address to such consumer reporting agency as part of information regularly furnished by the user for the period in which the relationship is established. Proposed effective date December 1, Stats. 2003, ch See discussion on page 19, infra. 65 Cal. Civ. Code (g) as amended by Stats. 2003, ch. 907, S.B Id. 67 Cal. Civ. Code (f) as amended by Stats. 2003, ch. 907, S.B Hudson Cook, LLP Page 16
17 CREDIT CARD ISSUERS, TELEPHONE CORPORATIONS, AND CHANGE OF ADDRESS REQUESTS A credit card change of address notice process for California consumers has been in effect since July 1, A credit card issuer that mails an offer or solicitation to a consumer for a credit card and, in response, receives a completed application for that credit card that lists an address that is different from the address on the offer or solicitation, must verify the change of address by contacting the person to whom the solicitation or offer was mailed.68 If the issuer fails to verify the consumer, and an unauthorized use of the card results, the person to whom the offer or solicitation was sent will not be liable.69 This section also requires a card issuer who receives a written or oral request for a change of the cardholder s billing address, and then receives a written or oral request for an additional credit card within 10 days after the requested address change, to verify the change of address.70 As of January 1, 2004, a new section is added to Title 1.82, Business Records, of Part 4 of Division 3 of the Civil Code.71 It also requires any credit card issuer that receives a change of address request, other than for a correction of a typographical error, from a cardholder who orders a replacement credit card within 60 days before or after that request is received, to send to that cardholder a change of address notification addressed to the cardholder at the cardholder s previous address of record. If the replacement credit card is requested prior to the effective date of the change of address, the notification must be sent within 30 days of the change of address request. If the replacement credit card is requested after the effective date of the change of address, the notification must be sent within 30 days of the request for the replacement credit card.72 These new verification procedures in Title 1.82 (above) also contain a peculiar provision applicable to businesses (telephone corporations73 such as SBC or Verizon) that provide telephone accounts. If such a business receives a change of address request, other than for a correction of a typographical error, from an accountholder who orders new service, it must, within 30 days of a request for new service, send to the accountholder a change of address notification that is addressed to the previous address of record Cal. Civ. Code (a). 69 Cal. Civ. Code (b). 70 Cal. Civ. Code (c). 71 Stats. 2003, ch. 533, S.B Cal. Civ. Code b(a). 73 A telephone corporation is any person owning, controlling, operating, or managing any telephone line for compensation in the state. Cal. Pub. Ut. Code Cal. Civ. Code b(b) Hudson Cook, LLP Page 17
18 The notification under either of the above provisions may be given by telephone or if the card issuer or business entity reasonably believes that it has the current telephone number and address for the cardholder or accountholder who has requested a change of address. If the notification is in writing, it may not contain the cardholder s or accountholder s account number, social security number, or other personal identifying information.75 The card issuer or business entity is not required to give the change of address notification when a change of address is made in person by one who presents valid identification, or made by telephone and the requester has provided a unique alphanumeric password.76 MORE ON SECURITY ALERTS AND SECURITY FREEZES The California Civil Code provision concerning the ability of a person to place a security alert on his or her credit file with a credit reporting agency77 has been amended to provide for some hefty statutory penalties for a violation.78 A California consumer may place a security alert on his or her credit file by making a request in writing or by calling a toll-free, 24/7 telephone number. A security alert notifies a recipient of the credit report that the consumer may be the victim of identity theft. The alert may remain in place for at least 90 days, but the consumer has a right to request a renewal of the alert Cal. Civ. Code b(c). 76 Cal. Civ. Code b(d). 77 Cal. Civ. Code added by Stats. 2003, ch. 720, effective January 1, 2002, operative July 1, Stats. 2003, ch. 907, S.B. 25. Stats. 2003, ch. 533, S.B. 602 makes similar changes, but contains a reciprocal operative factor dependent upon enactment after S.B. 25, which did not occur. Nevertheless, the statutory penalty added by S.B. 602 in amended Civ. Code (h) does become effective January 1, 2004, and is repealed upon the operative date of the amendments contained in S.B. 25, July 1, Cal. Civ. Code (a), (c) Hudson Cook, LLP Page 18
19 Effective January 1, 2004, the consumer credit reporting agency must notify the consumer who has requested a security alert of the expiration date of the alert. Any consumer credit reporting agency that recklessly, willfully, or intentionally fails to place a security alert will be liable for a penalty of up to $2,500 and in addition, reasonable attorneys fees.80 In any case, it appears that ultimately, California s provisions for security alerts will be preempted by the FACT Act amendments to the FCRA.81 Also effective January 1, 2004, a consumer credit reporting agency may charge a small fee (vs. reasonable fee ) not to exceed $10 for placing a security freeze for a consumer, or removal of the freeze, or temporary lift of the freeze for a specific period of time, and a fee not to exceed $12 for a temporary lift of a freeze for a specific party.82 CONFIDENTIALITY OF DRIVER S LICENSE INFORMATION A new Title is added to Part 4, Division 3 of the Civil Code concerning the confidentiality of driver s license information.83 A business (commercial enterprise) may swipe a driver s license or DMV-issued identification card in an electronic device for specified purposes, but may not retain or use that information except as otherwise provided. A violation of this title constitutes a misdemeanor punishable by imprisonment in a county jail for up to a year, or by a fine of not more than $10,000, or by both. Purposes for which a business may swipe a driver s license or DMV-issued identification card are: (1) to verify age or the authenticity of the driver s license or identification card; (2) to comply with a legal requirement to record, retain or transmit that information; (3) to transmit information to a check service company for the purpose of approving negotiable instruments, electronic funds transfers, or similar methods of payment, provided that only the name and ID number from the card may be used or retained by the check service company; or (4) to collect or disclose personal information that is required for reporting, investigating, or preventing fraud, abuse or material misrepresentation.84 CONFIDENTIALITY OF SOCIAL SECURITY NUMBERS A person or entity must not (1) publicly post or display in any manner an individual s social security number, (2) print the individual s social security number on any card required for the individual to access products or services, (3) require an individual to transmit the social security number over the Internet, unless the connection 80 Cal. Civ. Code (g) and (h). 81 See FCRA 625(b)(5)(B). 82 Cal. Civ. Code amended by Stats. 2003, ch. 533, S.B Stats. 2003, ch. 533, S.B. 602, effective January 1, Cal. Civ. Code Hudson Cook, LLP Page 19
20 is secure or the social security number is encrypted, (4) require an individual to use a social security number to access an Internet Website unless a password or unique personal ID number or other authentication is also required, or (5) print an individual s social security number on any materials mailed to the individual, unless state or federal law requires it.85 Notwithstanding this prohibition, a financial institution may, prior to July 1, 2004, print the individual s social security number on any account statement or similar document mailed to that individual if the social security number is provided in connection with a transaction governed by the National Automated Clearing House Association Rules, or a transaction initiated by a federal governmental entity through an automated clearing house network.86 A person or entity that has used, prior to July 1, 2002, an individual s social security number in a manner inconsistent with the foregoing may continue using it in that manner after July 1, 2002 provided certain procedures are followed: The use of the social security number is continuous. If the use is stopped for any reason, this exception will not apply. The individual is provided an annual disclosure that informs him or her of the right to stop the use of the social security number in a manner prohibited by the rules above. A written request by an individual to stop the use of his or her social security number in a manner prohibited by the rules above is implemented within 30 days of receipt of the request, without charge. The person or entity does not deny services to the individual because of his or her request.87 Based on an amendment adopted in 2003, if a state or local agency has used, prior to January 1, 2004, an individual s social security number in a manner inconsistent with the rules above, it may continue doing so in that manner on or after January 1, 2004, provided the procedures outlined above are followed. Operative dates are also extended for a variety of other institutions Cal. Civ. Code (a). 86 Cal. Civ. Code , as amended by Stats. 2003, ch. 907, S.B Cal. Civ. Code (c). 88 Stats. 2003, ch. 907, S.B. 25. Those institutions are: (1) the University of California, January 1, 2004, for the first three provisions, and January 1, 2005, for the last two; (2) the Franchise Tax Board, January 1, 2007; (3) the California community college districts, January 1, 2007; (4) the California State University System, July 1, 2005; (5) the California Student Aid Commission and its auxiliary organization, January 1, 2004, for the first three provisions, and January 1, 2005, for the last two Hudson Cook, LLP Page 20
Selected Text of the Fair Credit Reporting Act (15 U.S.C. 1681 1681v) With a special Focus on the Impact to Mortgage Lenders
Selected Text of the Fair Credit Reporting Act (15 U.S.C. 1681 1681v) as Amended by the Fair and Accurate Credit Transactions Act of 2003 (Public Law No. 108-159) With a special Focus on the Impact to
More informationHow To Prevent Identity Theft
PUBLIC LAW 108 159 DEC. 4, 2003 FAIR AND ACCURATE CREDIT TRANSACTIONS ACT OF 2003 VerDate 11-MAY-2000 04:48 Dec 12, 2003 Jkt 029139 PO 00159 Frm 00001 Fmt 6579 Sfmt 6579 E:\PUBLAW\PUBL159.108 BILLW PsN:
More informationIdentity Theft: Consumers, Creditors & Criminals Civil and Criminal Enforcement 1
Identity Theft: Consumers, Creditors & Criminals Civil and Criminal Enforcement 1 By Elizabeth A. Huber, Esq. 2 Hudson Cook, LLP Over the past two years, California s legislature has adopted a number of
More informationLaw Enforcement Officer Division of Privacy and Identity Protection The Federal Trade Commission Importance of Identity Theft Report
MEMORANDUM To: From: Re: Law Enforcement Officer Division of Privacy and Identity Protection The Federal Trade Commission Importance of Identity Theft Report The purpose of this memorandum is to explain
More informationWhat follows are various form letters that can be adapted to your
Form Letters What follows are various form letters that can be adapted to your own specific situation and used accordingly. It is prudent to send these letters by certified mail, return receipt requested,
More informationTexas Security Freeze Law
Texas Security Freeze Law BUSINESS & COMMERCE CODE CHAPTER 20. REGULATION OF CONSUMER CREDIT REPORTING AGENCIES 20.01. DEFINITIONS. In this chapter: (1) "Adverse action" includes: (A) the denial of, increase
More information3. "Consumer reporting agency" has the meaning ascribed to it in 15 U.S.C. Sec. 1681a(f).
Combo security freeze bill with consensus areas. Where no consensus: AG language in left column, CDIA language in right column. In some cases, differences on specific points are identified in text of bill.
More informationthe importance of the POLICE report
the importance of the POLICE report MEMORANDUM To: Law Enforcement Officer From: Division of Privacy and Identity Protection, The Federal Trade Commission Re: The Importance of Writing a Police Report
More informationYOUR DUTIES UNDER THE FAIR CREDIT REPORTING ACT
YOUR DUTIES UNDER THE FAIR CREDIT REPORTING ACT The Staff of the Consumer Financial Protection Bureau (CFPB) has prepared the following required notices in compliance with the Fair Credit Reporting Act
More informationCONNECTICUT IDENTITY THEFT RANKING BY STATE: Rank 19, 68.8 Complaints Per 100,000 Population, 2409 Complaints (2007) Updated November 28, 2008
CONNECTICUT IDENTITY THEFT RANKING BY STATE: Rank 19, 68.8 Complaints Per 100,000 Population, 2409 Complaints (2007) Updated November 28, 2008 Current Laws: A person commits identity theft when he intentionally
More information2003 Changes to the Fair Credit Reporting Act: Important Steps Forward at a High Cost
2003 Changes to the Fair Credit Reporting Act: Important Steps Forward at a High Cost With passage of HR 2622, the Fair and Accurate Credit Transactions Act, Congress significantly amended the Fair Credit
More informationYork County Sheriff's Office Identity Theft Victim s Packet
York County Sheriff's Office Identity Theft Victim s Packet Information and Instructions This packet should be completed once you have received a copy of your police report from the York County Sheriff's
More information2480a. Definitions. 2480b. Disclosures to consumers
Vermont Statutes Annotated Title 9 Commerce and Trade Part 3 0 Sales, Assignments and Secured Transactions Chapter 63 Consumer Fraud Subtitle 3 Fair Credit Reporting 2480a. Definitions For purposes of
More informationFair and Accurate Credit Transactions Act of 2003
Overview of FCRA Legislation Fair and Accurate Credit Transactions Act of 2003 1-800-BANKERS www.aba.com 1120 Connecticut Avenue, NW Washington, DC 20036 1-800-BANKERS www.aba.com World-Class Solutions,
More information2. "Consumer" means an individual. (same as 15 U.S.C. 1681a(c))
Combo security freeze bill with consensus areas. Where no consensus: AG language in left column, CDIA language in right column. In some cases, differences on specific points are identified in text of bill.
More informationNOTICE TO USERS OF CONSUMER REPORTS: OBLIGATIONS OF USERS UNDER THE FCRA I. OBLIGATIONS OF ALL USERS OF CONSUMER REPORTS
All users of consumer reports must comply with all applicable regulations. Information about applicable regulations currently in effect can be found at the Consumer Financial Protection Bureau s website,
More informationCITY OF ROCHESTER, MINNESOTA POLICE DEPARTMENT
CITY OF ROCHESTER, MINNESOTA POLICE DEPARTMENT 101 4 TH Street Southeast Rochester, Minnesota 55904-3761 507-328-6800 Fax 507-328-6975 To: From: Subject: Identity Theft and Internet Crime Victims Rochester
More informationRemedying the Effects of Identity Theft
Remedying the Effects of Identity Theft Identity theft occurs when someone uses your name, Social Security number, date of birth, or other identifying information, without authority, to commit fraud. For
More informationTHE FAIR CREDIT REPORTING ACT
THE FAIR CREDIT REPORTING ACT As a public service, the staff of the Federal Trade Commission (FTC) has prepared the following complete text of the Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681 et seq.
More informationLouisiana Revised Statutes
Louisiana Revised Statutes Title 9 Civil Code-Ancillaries Book 3 Of the Different Modes of Acquiring the Ownership of Things Code Title 12 Of Loan Chapter 2 Louisiana Consumer Credit Law Part 13 Disclosure
More informationCHAPTER 172. C.56:11-28 Short title. 1. This act shall be known and may be cited as the "New Jersey Fair Credit Reporting Act."
CHAPTER 172 AN ACT concerning consumer credit reports and supplementing Title 56 of the Revised Statutes. BE IT ENACTED by the Senate and General Assembly of the State of New Jersey: C.56:11-28 Short title.
More informationARTICLE 14.3 COLORADO CONSUMER CREDIT REPORTING ACT
ARTICLE 14.3 COLORADO CONSUMER CREDIT REPORTING ACT 12-14.3-101. Short title. This article shall be known and may be cited as the "Colorado Consumer Credit Reporting Act". 12-14.3-101.5. Legislative declaration.
More informationFAIR CREDIT REPORTING ACT (FCRA)
FAIR CREDIT REPORTING ACT (FCRA) EXAMINATION PROCEDURES Examination Objectives (These reflect FFIEC-approved procedures.) To determine the credit union s compliance with the Fair Credit Reporting Act (FCRA)
More informationResolving Consumer Identity Theft for Foster Youth 2013 Edition
Resolving Consumer Identity Theft for Foster Youth 2013 Edition Alliance for Children's Rights 3333 Wilshire Blvd., Suite 550 Los Angeles, CA 90010 P 213.368.6010 F 213.368.6016 www.kids-alliance.org About
More informationF air Credit Reporting Act
F C R A a i r r e d i t e p o r t i n g c t As a public service, the staff of the Federal Trade Commission (FTC) has prepared the following complete text of the Fair Credit Reporting Act (FCRA), 15 U.S.C.
More informationCOLORADO IDENTITY THEFT RANKING BY STATE: Rank 8, 89.0 Complaints Per 100,000 Population, 4328 Complaints (2007) Updated November 28, 2008
COLORADO IDENTITY THEFT RANKING BY STATE: Rank 8, 89.0 Complaints Per 100,000 Population, 4328 Complaints (2007) Updated November 28, 2008 Current Laws: A person commits identity theft if he or she: Knowingly
More informationNew York Consolidated Law Service General Business Law Article 25 - Fair Credit Reporting Act
New York Consolidated Law Service General Business Law Article 25 - Fair Credit Reporting Act 380-t. Security freeze. (a) A consumer may request that a security freeze be placed on his or her consumer
More informationIdentity Theft Packet
BOULDER POLICE DEPARTMENT 1805 33 rd Street Boulder, CO 80301 Identity Theft Packet ** Use this packet when the crime involves the stealing of someone's identity, such as when a victim finds out that someone
More informationTexas Annotated Statutes Title 2 Competition and Trade Practices Chapter 20 Regulation of Consumer Credit Reporting Agencies
Texas Annotated Statutes Title 2 Competition and Trade Practices Chapter 20 Regulation of Consumer Credit Reporting Agencies 20.01. Definitions In this chapter: (1) "Adverse action" includes: (A) the denial
More informationa. Credit to be used primarily for personal, family, or household purposes. c. Any other purpose authorized under 15 U.S.C. 168l(b).
North Carolina General Statutes Article 2A Identity Theft Protection Act 75-61. Definitions. The following definitions apply in this Article: (1) "Business". A sole proprietorship, partnership, corporation,
More informationWest Palm Beach Police Department s Identity Theft Victim s Packet
West Palm Beach Police Department s Identity Theft Victim s Packet Information and Instructions This packet should be completed once you have contacted West Palm Beach Police Department and obtained a
More informationAvondale Police Department Identity Theft / Fraud / Forgery Victim's Packet
Avondale Police Department Identity Theft / Fraud / Forgery Victim's Packet Information and Instructions This packet should be completed once you have contacted the Avondale Police Department and obtained
More informationIdentity Theft Victim s Packet
Identity Theft Victim s Packet Information and Instructions This packet is to be completed once you have contacted the Lafayette County Sheriff s Department and obtained a report number related to your
More information75-63. Security freeze.
75-63. Security freeze. (a) A consumer may place a security freeze on the consumer's credit report by making a request to a consumer reporting agency in accordance with this subsection. A security freeze
More informationInvestigation and Prosecution of Identity Theft
Investigation and Prosecution of Identity Theft In an effort to assist you in dealing with problems related to Identity Theft, the Menomonee Falls Police Department has prepared this packet of information
More informationIdentity Theft Victim s Packet
Identity Theft Victim s Packet Information and Instructions This packet should be completed once you have contacted Chandler Police Department and obtained a police report number related to your identity
More informationLake County Sheriff s Office Identity Theft/Fraud Packet
Gary S. Borders, Sheriff Lake County Sheriff s Office Identity Theft/Fraud Packet Information and Instructions The Information and Instructions portion of this packet is for you to keep and contains information
More information30-14-1726. Definitions. As used in 30-14-1726 through 30-14-1736, the following definitions apply:
Montana Code Annotated Title 30 Trade and Commerce Chapter 14 Unfair Trade Practices and Consumer Protection 30-14-1726. Definitions. As used in 30-14-1726 through 30-14-1736, the following definitions
More informationTHE FAIR CREDIT REPORTING ACT
THE FAIR CREDIT REPORTING ACT As a public service, the staff of the Federal Trade Commission (FTC) has prepared the following complete text of the Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681 et seq.
More informationIDENTITY THEFT VICTIM S PACKET
DEPARTMENT OF PUBLIC SAFETY 1150 Canton Center S Canton, MI 48188-1699 John R. Santomauro, Director of Public Safety IDENTITY THEFT VICTIM S PACKET INFORMATION AND INSTRUCTIONS The purpose of this packet
More informationFrequently Asked Questions: Identity Theft Red Flags and Address Discrepancies
Frequently Asked Questions: Identity Theft Red Flags and Address Discrepancies The staff of the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC), National
More informationWISCONSIN IDENTITY THEFT RANKING BY STATE: Rank 15, 175.9 Complaints Per 100,000 Population, 9852 Complaints (2007) Updated January 16, 2009
WISCONSIN IDENTITY THEFT RANKING BY STATE: Rank 15, 175.9 Complaints Per 100,000 Population, 9852 Complaints (2007) Updated January 16, 2009 Current Laws: It is unlawful to intentionally use or attempt
More informationIdentity Theft Victim s Packet
Identity Theft Victim s Packet In this packet: Information and Instructions Section 1, # of pages 6 Fair and Accurate Credit Transactions Act of 2003 Section 2, # of pages 3 ID Theft Affidavit Section
More informationHow To Get A Credit Card From A Fraudulent Account
Information and Instructions This packet is to be completed once you have contacted New York State University Police and obtained a police report number related to your identity theft case. To obtain a
More information44-1695. Liability. 44-1698. Security freeze on credit reports and credit scores; fees; definitions
Arizona Revised Statutes Title 44 Trade and Commerce Chapter 11 Regulations Concerning Particular Businesses Article 6 Consumer Reporting Agencies and Fair Credit Reporting 44-1695. Liability A. A consumer
More informationSENATE FILE NO. SF0065. Sponsored by: Senator(s) Johnson and Case A BILL. for. AN ACT relating to consumer protection; providing for
00 STATE OF WYOMING 0LSO-00 SENATE FILE NO. SF00 Identity theft protection. Sponsored by: Senator(s) Johnson and Case A BILL for AN ACT relating to consumer protection; providing for notice to consumers
More informationIdentity Theft Victim s Packet
Identity Theft Victim s Packet Information and Instructions This packet is to be completed once you have contacted Lake Oswego Police Department and obtained a police report number related to your identity
More informationPlymouth Township Police Department s Identity Theft Victim s Packet
Plymouth Township Police Department s Identity Theft Victim s Packet Information and Instructions This packet should be completed once you have contacted Plymouth Township Police Department and obtained
More informationGENERAL ASSEMBLY OF NORTH CAROLINA SESSION 2005 H 2 HOUSE BILL 629 Committee Substitute Favorable 5/18/05
GENERAL ASSEMBLY OF NORTH CAROLINA SESSION 0 H HOUSE BILL Committee Substitute Favorable //0 Short Title: Option to Freeze Credit Report. Sponsors: Referred to: March, 0 (Public) A BILL TO BE ENTITLED
More informationTHE FAIR CREDIT REPORTING ACT
THE FAIR CREDIT REPORTING ACT As a public service, the staff of the Federal Trade Commission (FTC) has prepared the following complete text of the Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681 et seq.
More informationAs a public service, the staff of the Federal Trade Commission (FTC) has
As a public service, the staff of the Federal Trade Commission (FTC) has prepared the following complete text of the Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681 et seq. Although staff generally followed
More informationBEST CASE BANKRUPTCY NOTICE TO END USER
BEST CASE BANKRUPTCY NOTICE TO END USER Best Case, LLC, recognizes that it may benefit end users of its Best Case Bankruptcy software to have immediate access to a credit reporting agency. To that end,
More informationBUSINESS AND COMMERCE CODE PERSONAL IDENTITY INFORMATION UNAUTHORIZED USE OF IDENTIFYING INFORMATION
BUSINESS AND COMMERCE CODE TITLE 11. PERSONAL IDENTITY INFORMATION SUBTITLE B. IDENTITY THEFT CHAPTER 521. UNAUTHORIZED USE OF IDENTIFYING INFORMATION SUBCHAPTER A. GENERAL PROVISIONS Sec. 521.001.AASHORT
More informationROCKWALL POLICE DEPARTMENT CRIMINAL INVESTIGATIONS DIVISION 205 W. Rusk St. Rockwall, Texas 75087 (972) 771-7716
ROCKWALL POLICE DEPARTMENT CRIMINAL INVESTIGATIONS DIVISION 205 W. Rusk St. Rockwall, Texas 75087 (972) 771-7716 Identity Theft Information and Affidavit RPD Case # - The attached Identity Theft Affidavit
More informationADDITIONAL SUMMARY OF RIGHTS
ADDITIONAL SUMMARY OF RIGHTS For Texas Residents: Under the Fair Credit Reporting Act (FCRA), all consumers are entitled to one free annual file disclosure in any twelve month period. You may be charged
More informationNorth Carolina General Statutes Chapter 75 Monopolies, Trusts, and Consumer Protection Article 2A Identity Theft Protection Act
North Carolina General Statutes Chapter 75 Monopolies, Trusts, and Consumer Protection Article 2A Identity Theft Protection Act 75-60. Title. This Article shall be known and may be cited as the "Identity
More informationThe Rosenthal Fair Debt Collection Practices Act California Civil Code 1788 et seq.
The Rosenthal Fair Debt Collection Practices Act California Civil Code 1788 et seq. 1788. This title may be cited as the Rosenthal Fair Debt Collection Practices Act. 1788.1 (a) The Legislature makes the
More informationTHE FAIR CREDIT REPORTING ACT
THE FAIR CREDIT REPORTING ACT As a public service, the staff of the Federal Trade Commission (FTC) has prepared the following complete text of the Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681 et seq.
More informationPLEASE READ. The official text of New Jersey Statutes can be found through the home page of the New Jersey Legislature http://www.njleg.state.nj.
PLEASE READ The official text of New Jersey Statutes can be found through the home page of the New Jersey Legislature http://www.njleg.state.nj.us/ New Jersey Statutes Annotated (N.J.S.A.), published by
More informationCFTC and SEC Jointly Propose Identity Theft Rules
CLIENT MEMORANDUM March 7, 2012 CFTC and SEC Jointly Propose Identity Theft Rules Contents Identity Theft Prevention Program...1 Entities Required to Comply...1 Financial Institutions and Creditors...
More informationCHAPTER 226. C.56:11-44 Short title. 1. This act shall be known and may be cited as the "Identity Theft Prevention Act."
CHAPTER 226 AN ACT concerning identity theft, amending P.L.1997, c.172 and supplementing various parts of the statutory law. BE IT ENACTED by the Senate and General Assembly of the State of New Jersey:
More informationAn Overview of the Identity Theft Red Flags and Address Discrepancies under the Fair and Accurate Credit Transactions Act of 2003 Final Rules
An Overview of the Identity Theft Red Flags and Address Discrepancies under the Fair and Accurate Credit Transactions Act of 2003 Final Rules By: Andrea J. Shaw, Esq., Compliance Officer, Gorham Savings
More informationAnalysis of the Fair and Accurate Credit Transactions Act of 2003, Pub. L. No. 108-159 (2003). 1
Analysis of the Fair and Accurate Credit Transactions Act of 2003, Pub. L. No. 108-159 (2003). 1 Summary of FACTA Changes to the FCRA The FCRA s most significant features include: Existing FCRA preemption
More informationNevada Security Freeze Law Senate Bill No. 80
Nevada Security Freeze Law Senate Bill No. 80 CHAPTER... AN ACT relating to personal identifying information; providing that a consumer may place a security freeze in certain files maintained by a credit
More informationNebraska Loan Broker Act Chapter 45, Article 1, Section f 45-189 to 45-193
45-189 Loan brokers; legislative findings. The Legislature finds that: Nebraska Loan Broker Act Chapter 45, Article 1, Section f 45-189 to 45-193 (1) Many professional groups are presently licensed or
More informationLake Havasu City. Identity Theft Prevention Program
Lake Havasu City Identity Theft Prevention Program Effective beginning May 1, 2009 I. PROGRAM ADOPTION Lake Havasu City (City) developed this Identity Theft Prevention Program (Program) pursuant to the
More informationCredit Repair Organizations Act
Credit Repair Organizations Act Title IV of the Consumer Credit Protection Act (Public Law 90-321, 82 Stat. 164) is amended to read as follows: TITLE IV--CREDIT REPAIR ORGANIZATIONS'' Sec. 401. Short title.
More informationMARYLAND IDENTITY THEFT RANKING BY STATE: Rank 10, 85.8 Complaints Per 100,000 Population, 4821 Complaints (2007) Updated January 29, 2009
MARYLAND IDENTITY THEFT RANKING BY STATE: Rank 10, 85.8 Complaints Per 100,000 Population, 4821 Complaints (2007) Updated January 29, 2009 Current Laws: A person may not knowingly, willfully, and with
More informationNew Hampshire Statutes Title 31 Trade and Commerce Chapter 359-B Consumer Credit Reporting
New Hampshire Statutes Title 31 Trade and Commerce Chapter 359-B Consumer Credit Reporting 359-B:22 Definitions. In this subdivision: I. "Identity theft" means the unauthorized taking or use of an individual's
More informationCHAPTER 2--CREDIT REPAIR ORGANIZATIONS SEC. 2451. REGULATION OF CREDIT REPAIR ORGANIZATIONS.
CODES COMPLAINTS EMPLOYEE CERTIFICATION FEDERAL LAWS NACSO GUIDELINES LOG OUT CHAPTER 2--CREDIT REPAIR ORGANIZATIONS SEC. 2451. REGULATION OF CREDIT REPAIR ORGANIZATIONS. Title IV of the Consumer Credit
More informationMichie's Legal Resources. This part shall be known and may be cited as the Tennessee Identity Theft Deterrence Act of 1999. [Acts 1999, ch. 201, 2.
http://www.michie.com/tennessee/lpext.dll/tncode/12ebe/13cdb/1402c/1402e?f=templates&... Page 1 of 1 47-18-2101. Short title. This part shall be known and may be cited as the Tennessee Identity Theft Deterrence
More informationFeatured Article Federal Red Flag and Related Identity Theft Prevention Rules: Is Your Organization in Compliance?
Featured Article Federal Red Flag and Related Identity Theft Prevention Rules: Is Your Organization in Compliance? Article contributed by: Nancy L. Perkins, Arnold & Porter LLP As of November 1, 2008,
More informationIdaho Code Statutes Annotated Title 28 Commercial Transactions Chapter 52 Credit Report Protection Act
Idaho Code Statutes Annotated Title 28 Commercial Transactions Chapter 52 Credit Report Protection Act 28-52-101. Short title This chapter shall be known and cited as the "Credit Report Protection Act."
More informationEnrolled Copy S.B. 54
1 CREDIT MONITORING FOR MINORS 2 2015 GENERAL SESSION 3 STATE OF UTAH 4 Chief Sponsor: Aaron Osmond 5 House Sponsor: Rich Cunningham 6 7 LONG TITLE 8 General Description: 9 This bill modifies and enacts
More informationFighting Identity Theft with the Red Flags Rule: A How-To Guide for Business
Federal Trade Commission BCP Business Center business.ftc.gov Fighting Identity Theft with the Red Flags Rule: A How-To Guide for Business An estimated nine million Americans have their identities stolen
More informationTITLE III CROWDFUNDING
H. R. 3606 10 have any person associated with that person subject to such a statutory disqualification. (3) For the purposes of this subsection, the term ancillary services means (A) the provision of due
More informationCREDIT REPAIR SERVICES (California Civil Code 1789.10 et seq.; 15 U.S.C.A. 1679 et seq.)
Legal Affairs 1625 North Market Blvd., Suite S 309, Sacramento, CA 95834 www.dca.ca.gov Legal Guide CR-9 CREDIT REPAIR SERVICES (California Civil Code 1789.10 et seq.; 15 U.S.C.A. 1679 et seq.) January
More informationChapter 21 Credit Services Organizations Act
Chapter 21 Credit Services Organizations Act 13-21-1 Short title. This chapter is known as the "Credit Services Organizations Act." Enacted by Chapter 29, 1985 General Session 13-21-2 Definitions -- Exemptions.
More informationSan Antonio Police Department FORGERY DETAIL 315 S. Santa Rosa SAN ANTONIO, TX 78207 (210)-207-7451 OFFICE (210)-207-4070 FAX
San Antonio Police Department FORGERY DETAIL 315 S. Santa Rosa SAN ANTONIO, TX 78207 (210)-207-7451 OFFICE (210)-207-4070 FAX Identity Theft Packet SAPD case # Assigned Detective: The San Antonio Police
More informationIdentity Theft Victim Checklist
CONSUMER INFORMATION SHEET 3 4/30//08 Identity Theft Victim Checklist This checklist can help identity theft victims clear up their records. It lists the actions most identity theft victims should take
More informationFRAUD PACKET. Instructions and Useful Information. Mesa Police Department Attention Financial Crimes PO Box 1466 Mesa, AZ 85211-1466
FRAUD PACKET Instructions and Useful Information Please read entire packet and follow instructions to complete this packet properly. **This packet should ONLY be completed if you are a victim of Identity
More informationSTATE OF NEW JERSEY. SENATE, No. 1988. 213th LEGISLATURE. Sponsored by: Senator JEFF VAN DREW District 1 (Cape May, Atlantic and Cumberland)
SENATE, No. STATE OF NEW JERSEY th LEGISLATURE INTRODUCED JUNE, 00 Sponsored by: Senator JEFF VAN DREW District (Cape May, Atlantic and Cumberland) SYNOPSIS "New Jersey Fair Debt Collection Practices Act."
More informationTRACERS INFORMATION SPECIALISTS, INC.
TRACERS INFORMATION SPECIALISTS, INC. Subscriber Certification of Use for FCRA-REGULATED PRODUCTS Compliance Exhibit C 1. Reseller has access to consumer reports from one or more consumer credit reporting
More informationHow To Comply With The Federal Consumer Reporting Act
Fair Credit Reporting Act 1 The Fair Credit Reporting Act (FCRA) 2 became effective on April 25, 1971. The FCRA is a part of a group of acts contained in the Federal Consumer Credit Protection Act 3 such
More informationA Summary of Your Rights under the Fair Credit Reporting Act
A Summary of Your Rights under the Fair Credit Reporting Act The federal Fair Credit Reporting Act (FCRA) is designed to promote accuracy, fairness, and privacy of information in the files of every "consumer
More informationDHHS POLICIES AND PROCEDURES
DHHS POLICIES AND PROCEDURES Section VIII: Privacy and Security Identity Theft Policies, Identity Theft Red Flags and Address Discrepancy Identity Theft Policies Current Effective 2/1/16, 10/1/15 Date:
More informationIC 24-4.5-7 Chapter 7. Small Loans
IC 24-4.5-7 Chapter 7. Small Loans IC 24-4.5-7-101 Citation Sec. 101. This chapter shall be known and may be cited as Uniform Consumer Credit Code Small Loans. As added by P.L.38-2002, SEC.1. IC 24-4.5-7-102
More informationProtecting the Rights of Victims of Identity Theft
Protecting the Rights of Victims of Identity Theft II Congreso Internacional del Derecho de los Mercados Bogotá, Colombia Marzo 2015 The views expressed in this presentation are mine and are not necessarily
More informationSECURITY FREEZE ACT S.B. 174: ANALYSIS AS ENACTED
SECURITY FREEZE ACT S.B. 174: ANALYSIS AS ENACTED Senate Bill 174 (as enacted) PUBLIC ACT 229 of 2013 Sponsor: Senator John Proos Senate Committee: Banking and Financial Institutions House Committee: Financial
More informationMISSISSIPPI IDENTITY THEFT RANKING BY STATE: Rank 32, 57.3 Complaints Per 100,000 Population, 1673 Complaints (2007) Updated December 21, 2008
MISSISSIPPI IDENTITY THEFT RANKING BY STATE: Rank 32, 57.3 Complaints Per 100,000 Population, 1673 Complaints (2007) Updated December 21, 2008 Current Laws: A person shall not obtain or attempt to obtain
More informationMilford Police Department
Identity Theft Packet Information and Instructions This packet is to be completed once you have contacted Milford Police Department and obtained a police report number related to your identity theft case.
More informationCredit Report Protection Act Chapter 8, Article 26 8-2601 to 8-2615
Credit Report Protection Act Chapter 8, Article 26 8-2601 to 8-2615 8-2601 Act, how cited. Sections 8-2601 to 8-2615 shall be known and may be cited as the Credit Report Protection Act. Laws 2007, LB674,
More informationNC General Statutes - Chapter 75 Article 2A 1
Article 2A. Identity Theft Protection Act. 75-60. Title. This Article shall be known and may be cited as the "Identity Theft Protection Act". (2005-414, s. 1.) 75-61. Definitions. The following definitions
More informationUtah Code Annotated Title 13 Commerce and Trade Chapter 45 Consumer Credit Protection Part 2 Security Freeze
Utah Code Annotated Title 13 Commerce and Trade Chapter 45 Consumer Credit Protection Part 2 Security Freeze 13-45-201. Security freeze (1) A consumer may place a security freeze on the consumer's credit
More informationCommercial Law - Consumer Credit Report Security Freezes
LAWS OF ALASKA 00 Source SCS CSHB (FIN) am S Chapter No. AN ACT Relating to breaches of security involving personal information, credit report and credit score security freezes, protection of social security
More information51ST LEGISLATURE - STATE OF NEW MEXICO - FIRST SESSION, 2013
SENATE BILL 1ST LEGISLATURE - STATE OF NEW MEXICO - FIRST SESSION, INTRODUCED BY Joseph Cervantes 1 ENDORSED BY THE COURTS, CORRECTIONS AND JUSTICE COMMITTEE AN ACT RELATING TO CIVIL ACTIONS; CLARIFYING
More informationKRS Chapter 61. Personal Information Security and Breach Investigations
KRS Chapter 61 Personal Information Security and Breach Investigations.931 Definitions for KRS 61.931 to 61.934. (Effective January 1, 2015).932 Personal information security and breach investigation procedures
More informationS. 1408. [Report No. 109 203] To strengthen data protection and safeguards, require data breach notification, and further prevent identity theft.
II TH CONGRESS 1ST SESSION S. 10 Calendar No. 0 [Report No. 0] To strengthen data protection and safeguards, require data breach notification, and further prevent identity theft. IN THE SENATE OF THE UNITED
More informationCOLORADO CONSUMER EQUITY PROTECTION ACT July 1, 2011
COLORADO CONSUMER EQUITY PROTECTION ACT July 1, 2011 Table of Contents COLORADO CONSUMER EQUITY PROTECTION ACT... 1 PART 1 OBLIGOR PROTECTION... 1 5-3.5-101. Definitions.... 1 5-3.5-102. Protection of
More informationUNITED STATES DISTRICT COURT FOR THE MIDDLE DISTRICT OF FLORIDA TAMPA DIVISION
Case 8:08-cv-02062-JDW-AEP Document 139 Filed 10/15/10 Page 1 of 14 FEDERAL TRADE COMMISSION, UNITED STATES DISTRICT COURT FOR THE MIDDLE DISTRICT OF FLORIDA TAMPA DIVISION Plaintiff, v. Case No. 8:08-cv-2062-T-27MAP
More information