Cybersecurity & Data Privacy Articles by Robert W. Anderson

Identity theft is an area of major concern for consumers and businesses alike. Roughly nine million individuals in the U.S. can expect to have their identity stolen each year. With just a few items of personal information (such as the name, social security number, and the date of birth of an individual) a cyber-criminal can potentially drain existing accounts or open new credit card accounts with devastating consequences for the unwitting consumer’s credit ratings and future path in life. If your business has been lax in protecting the privacy of such personal information in its possession, you may be inviting your own devastating consequences: lawsuits by individuals experiencing identity theft as a result of your lax procedures, regulatory enforcement actions, and damage to your business reputation and loss of trust by your customers.

The Red Flags Rule, issued by the Federal Trade Commission (“FTC”), requires financial institutions and creditors with covered accounts (as defined in the Red Flag Rule) to develop a written program that identifies and detects the relevant warning signs, or red flags, of identity theft.

Red flags can include, for example: