North Carolina Governor Signs Legislation to Protect Victims of Identity Theft

On July 27, North Carolina Governor Beverly Perdue signed SB 1017, an Act enhancing protections available to victims of identity theft. In general, the Act creates new legal obligations for credit reporting agencies (CRAs), creditors, businesses, and credit monitoring services. Under the Act, CRAs must notify a North Carolina consumer that requests a security freeze that such consumer must make separate, individual requests to CRAs regarding a security freeze because a freeze can only be placed on the files of the CRA to which the consumer directs a request. Additionally, the Act mandates that CRAs lower their response times to a consumer’s request to add or remove a freeze. Specifically, for written requests, CRAs must add or remove a freeze within three days. For electronic or telephonic requests, CRAs must add a freeze within 24 hours and must remove a freeze within 15 minutes. With respect to creditors, the Act prohibits any communication about a debt to a CRA during the pendency of a consumer’s application for an award from the North Carolina Crime Victims Compensation Fund. The Act also requires credit monitoring services to notify consumers that they have the right to one free credit report per year before charging the consumer a fee to obtain or monitor the consumer’s credit report on behalf of the consumer. The Act becomes effective October 1, 2009.