For Immediate Release: Attorney General Frey Signs Multi-State Letter Supporting FTC Identity Theft Rules

February 11, 2019

AUGUSTA - Attorney General Aaron Frey joined a coalition of 31 Attorneys General and sent a letter to the Federal Trade Commission (FTC) today urging the FTC to continue its Identity Theft Rules, which were originally adopted in November, 2007. The letter cites the proliferation of identity theft in many states and the growth in technology since the rules were adopted. The letter is attached.

"Every day, consumers' personal information is compromised through no fault of their own, and they have no way of knowing which pieces of data have been used by bad actors and when," said Frey. "It is only fair that the entities governed by this rule bear the burden of detecting, preventing, and mitigating identity theft. Repealing this rule would put consumers at risk."

The current rules require certain financial institutions and businesses that grant credit or issue debit or credit cards to take steps to detect, prevent and mitigate identify theft by implementing reasonable safeguards. The letter also suggests adding a requirement that cardholder must be notified by email or cell phone if an email address or cell phone number are changed. This is in addition to the existing requirement to mail notification upon change of account address. The Attorneys General also ask that suspicious account activity also include account access by new and previously unknown devices and repeated unsuccessful access attempts.

Attorney General Rosenblum of Oregon led the letter, which was also signed by the Attorneys General of Alaska, California, Colorado, Connecticut, District of Columbia, Delaware, Hawaii, Iowa, Illinois, Kentucky, Massachusetts, Maryland, Maine, Michigan, Minnesota, Missouri, North Carolina, Nebraska, New Jersey, New Mexico, Nevada, Oklahoma, Pennsylvania, Rhode Island, Tennessee, Utah, Virginia, Vermont, Washington, and Wisconsin.


Supporting documents