Continued from page 1
The FTC should be applauded for taking any step to help in fight against identity theft. The flood of recent public disclosures by companies admitting to lost records is appalling. But does this new rule really help?
The new regulation provides no provisions on how long records can be held before being destroyed. This effectively neuters regulation. Any claim of violation is going to be refuted by defense of, “We destroy records every xxx months.” Even if you disagree with this assessment, consider destruction of electronic files.
Electronic files are automatically backed up on hard drives. Merely deleting a file does not erase it from a hard drive. To comply with regulations, are companies supposed to wipe all their hard drives every day or is deleting records enough? Wiping drives is incredibly burdensome while deleting files is useless. As you might imagine, FTC provides no guidance on issue.
Cutting to chase, FTC has issued this rule for one reason – to satisfy Congress. It has little practical impact in protecting your private information and leaves companies with another vague regulatory requirement.
Richard A. Chapo is with SanDiegoBusinessLawFirm.com - This article is for information purposes only. Nothing in this article is intended to address the reader’s specific situation nor does it create an attorney-client relationship.