South Carolina Lawyer
SC Lawyer, March 2006, #3.
Identity Theft and Liability for Furnishers of Credit Information
South Carolina Lawyer March 2006 Identity Theft and Liability for Furnishers of Credit Information By Emily Farr I. Introduction
The growing concern over identity theft has prompted new changes in both state and federal legislation. These changes have a direct effect on the legal responsibilities and liability of financial institutions that maintain private information.
Examples of recent "horror stories" involving identity theft that have elevated concern of the issue include the following:
* ChoicePoint - February 2005
Thieves posed as small business customers to access sensitive data for 145,000 individuals.
* Bank of America - February 2005
Computer tapes containing information on 1.2 million U.S. government employees, including
U.S. Senators on a banking committee, disappeared.
* Lexis/Nexis - March 2005
Unauthorized access was gained to databases containing information on 310,000 customers.
* Retail Ventures/ DWS Shoes - March 2005
1.4 million credit cards and 96,000 check transactions were stolen from 108 stores.
* Wachovia, Bank of America, PNC Financial, Commerce BanCorp - May 2005
New Jersey authorities made arrests of employees and others in scheme to steal records of 676,000 customers and sell them to a collection agency.
* Citifinancial - June 2005
Computer tapes containing the information of 3.9 million customers were lost by UPS despite enhanced security procedures.
II. Federal legislation
Recent federal legislation has sought to address the public concern over identity theft and provide victims with appropriate remedies and the necessary tools to rectify the situation. One of the more sweeping pieces of legislation to accomplish this goal was the passage of the Fair and Accurate Credit Transactions Act (FACTA) in 2003, which amended the Fair Credit Reporting Act. FACTA provides for a web of communication between credit reporting agencies (CRAs), furnishers of credit information and the consumer to more quickly remove inaccurate credit reporting due to identity theft.
A. Enhanced duties for furnishers of credit information
As a "furnisher of information" to consumer reporting agencies, financial institutions are subject to certain duties under the Fair Credit Reporting Act (FCRA). See 15 U.S.C. § 1681s-2 (1998 & Supp. 2005) (governing the responsibilities of furnishers of information to credit reporting agencies). Many of the new duties imposed by FACTA are included in subsection (a) of § 1681s-2, along with the duty to report accurate information, correct and update information and provide notice of a dispute.
Numerous provisions of FACTA are directly applicable to financial institutions that furnish credit information to CRAs. These new provisions include the following changes in financial institutions' legal duties and liabilities.
* Consumers can now place fraud alerts or active duty alerts on their credit files. If a consumer has either alert on his credit report, then a creditor is put on notice that the consumer does not authorize the user of the credit report to establish a new credit plan or to extend new credit without taking additional steps to verify the identity of the person requesting the credit.
* Credit card receipts cannot contain more than the last five...