Court of Appeals Analyzes Red Flag Program Clarification Act

Posted March 8, 2011 by Kristin Eick
Categories: Red Flags Rule

In the first case to discuss the Red Flag Program Clarification Act of 2010, the Court of Appeals dismissed the American Bar Association’s lawsuit against the Federal Trade Commission (FTC) as moot.  The American Bar Association filed suit in 2009 after the FTC issued an Extended Enforcement Policy, explaining that “professionals, such as lawyers or health care providers, who bill their clients after services are rendered,” would be considered “creditors” under the statute and, therefore, subject to the Rule’s requirements.  The Court determined that the Red Flag Program Clarification Act mooted the case because “the Clarification Act . . . clarifies that, to be a ‘creditor’ subject to the Red Flags Rule requirements, one must not only regularly extend, renew, or continue credit . . . , but must also ‘regularly and in the ordinary course of business,’ (i) obtain or use consumer reports, (ii) furnish information to consumer reporting agencies, or (iii) advance funds with an obligation of future repayment.”  The Court continued: “Most importantly, at least with respect to the matters in dispute in this case, the Clarification Act makes it plain that the granting of a right to ‘purchase property or services and defer payment therefore’ is no longer enough to make a person or firm subject to the FTC’s Red Flags Rule – there must now be an explicit advancement of funds.  In other words, the FTC’s assertion that the term ‘creditor,’ as used in the Red Flags Rule and the FACT Act, includes ‘all entities that regularly permit deferred payments for goods or services,’ . . .  is no longer viable.” 

Thus, the Court of Appeals confirmed the analysis of the Red Flag Program Clarification Act discussed in the previous blog posting.  Although the case involved the application of the Red Flags Rule to lawyers, the Court’s analysis should be equally applicable to municipal utilities, which were previously subject to the Red Flags Rule because of deferred payment for goods and services. 

However, the Court also noted that it would not prematurely comment on new rules that the FTC might promulgate to regulate lawyers.  As stated in the previous blog posting, the FTC has the authority to engage in rulemaking to include entities within the coverage of the Red Flags Rule that maintain accounts subject to a reasonably foreseeable risk of identity theft. 

A link of the Court’s opinion is provided here.

Municipal Utilities and the Red Flag Program Clarification Act of 2010

Posted February 9, 2011 by Kristin Eick
Categories: Red Flags Rule, Uncategorized

As previously posted on this blog, the Federal Trade Commission (FTC) delayed enforcement of the Red Flag Rules until December 31, 2010, in large part due to extensive litigation and controversy regarding the scope of the Rules.  According to the FTC’s press release, during the delay period, Congress was scheduled to consider legislation that would alter the scope of entities covered by the Rule, and more specifically the definition of a “creditor.”

At the end of December 2010, Congress passed the Red Flag Program Clarification Act of 2010, which as expected, changed the definition of “creditor.”  Though Congress redefined the term creditor, it did not clearly include or exclude specific types of entities, such as utilities, from the purview of the Red Flags Rule.  In short, it is not clear whether municipal utilities are still required to comply with the Red Flags Rule.  However, until the FTC revises its guidance, it is best to begin enforcing the Identity Theft Prevention Program that your municipal utility adopted in anticipation of the December 31st deadline.

Before the Clarification Act was enacted, only “creditors” and “financial institutions” with one or more “covered accounts” were required to develop and implement a written Identity Theft Prevention Program.  A “creditor” was defined as an entity that regularly extended, renewed, or continued credit.  A “creditor” included businesses or organizations that regularly deferred payment for goods or services or provided goods or services and billed customers later.  Municipal utilities were considered “creditors” under this Rule both because utilities defer payment for services and because the FTC’s regulations specifically referenced utilities as an example of a “creditor.”

The Clarification Act, however, changed the definition of a “creditor.”  Now, a “creditor” is defined as any person who regularly extends, renews, or continues credit, and who regularly and in the ordinary course of business:

(1) obtains or uses consumer reports, directly or indirectly, in connection with a credit transaction; or

(2) furnishes information to consumer reporting agencies in connection with a credit transaction; or

(3) advances funds to or on behalf of a person, based on an obligation of the person to repay the funds or repayable from specific property pledged by or on behalf of the person.

Finally, Congress stated that the term “creditor” includes any other type of creditor, as the term was previously defined prior to the Clarification Act, if the Federal banking agencies, the National Credit Union Administration, or the Federal Trade Commission deem that the entity continues to be a “creditor” by regulation.  In order to enact such a regulation, the Federal banking agencies, the National Credit Union Administration, and the Federal Trade Commission must make a determination that such creditor offers or maintains accounts that are subject to a reasonably foreseeable risk of identity theft. 

Based upon the Congressional Record in both the House and Senate, it appears that Congress wanted to limit the scope of the Red Flags Rule to those creditors that use consumer reports, furnish information to consumer reporting agencies, and to those creditors that loan money.  However, the Act specifically gives some discretion to the FTC and other regulatory agencies to include creditors which offer or maintain accounts that are subject to a reasonably foreseeable risk of identity theft.  To date, the FTC has not updated its regulations to include any other “creditors” within the scope of the Act.

From this new definition of “creditor,” a few basic principles can be distilled:

(1) Municipal utilities met the “old” definition of a creditor, so if your utility regularly obtains or uses consumer reports or if it provides information to consumer reporting agencies, your utility is still subject to the Rules.  Because the definition of a “creditor” includes the indirect use of consumer reports, your utility is probably still subject to the Rules, for example, if it contracts with collection agencies that obtain or use consumer reports or that report delinquencies to a consumer reporting agency.

(2) If your utility (and any collection agencies you contract with) does not obtain or use consumer reports or furnish information to consumer reporting agencies, your utility is no longer covered by the Red Flag Rules, except in the rare circumstance that you loan funds to customers.  Some utilities may provide conservation loans, septic loans, or other utility-related loans to customers, in which case, your utility would be a “creditor” under subparagraph (3).

(3) Even if your utility does not obtain or use consumer reports, furnish information to consumer reporting agencies, or provide loans to customers, the FTC or another federal regulatory agency may enact regulations to include utilities within the scope of the Red Flag Rules in the near future.  The FTC cited utility accounts as sources of identity theft in its previous regulations, and therefore, it seems likely that the FTC will include utilities within the scope of the Red Flag Rules in its revised regulations.  Because of this likelihood, it may be wise to continue to implement your Identity Theft Prevention Program in the interim.

(4) Remember that the Clarification Act has not changed the definition of a “covered account.”  Even if your utility continues to be a “creditor” under the new definition, only those creditors which maintain “covered accounts” must develop and implement a written Identity Theft Prevention Program.  “Covered accounts” are those which are offered or maintained by a creditor “primarily for personal, family, or household purposes, that involves or is designed to permit multiple payments or transactions” or “for which there is a reasonably foreseeable risk to customers” of identity theft.

A link to the text of the Red Flag Program Clarification Act is provided here.

A link to the FTC’s webpage regarding Red Flag Rules is provided here.

If you have further questions regarding the Clarification Act or need assistance in drafting your Identity Theft Prevention Program please contact Kristin Eick at or 206-447-7000.

Andrews v. Harrison Medical Center: Anti-Nepotism Policies

Posted January 24, 2011 by Kristin Eick
Categories: Employment, Washington Court of Appeals

In a recent unpublished case, the Washington Court of Appeals examined whether the public hospital district’s anti-nepotism policy violated Washington’s Law Against Discrimination (WLAD). The district’s policy stated that it would not offer employment, promotions, or transfers that would permit one relative to: (a) directly supervise or control the work of another, (b) evaluate or audit the work performance of another, (c) make or recommend salary decisions affecting the other, and/or (d) take disciplinary action affecting the other. Relatives included spouses, but did not include persons in “committed intimate relationships.” Under the WLAD, it is an unfair practice for any employer to refuse to hire any person because of marital status unless a bona fide occupational qualification or a business necessity applies. In addition, it is an unfair practice for any employer to discharge or bar from employment or discriminate in compensation or other terms or conditions of employment because of marital status.

The district argued that its anti-nepotism policy was based upon the business necessities presented by the situations in (a) through (d) above. However, the Andrewses argued that the district’s reasons were pretextual because the policy did not apply to persons in a “committed intimate relationship,” which would also raise the type of conflicts cited by the district. Though the district argued that the administrative burden of applying its anti-nepotism policy to committed intimate relationships was too great, the court ultimately remanded the case back to a jury to determine whether the policy was pretext for discrimination against married couples. This case serves as a reminder that discrimination based upon marital status is unlawful in Washington. If public employers adopt such a policy, it should include all types of committed relationships, unless there are specific, valid business reasons to exclude such relationships. In addition, public employers must take care to continue to follow applicable conflict of interest laws and ordinances, even if an anti-nepotism policy has not been adopted.

The opinion can be read in full here.

Genetic Information Nondiscrimination Act

Posted January 5, 2011 by Kristin Eick
Categories: Employment

The Genetic Information Nondiscrimination Act of 2008 (GINA) prohibits local government employers with 15 or more employees from requesting, requiring, or purchasing genetic information of an individual or family member of the individual, except as specifically allowed.  A city should not assume that since cities rarely require genetic testing that these regulations have no application to cities.  Genetic information can also include “family medical history.”  Therefore, while your city is unlikely to do genetic testing, you may gather family medical histories for FMLA leave administration, in the course of administering your wellness or insurance programs, or when conducting fitness for duty examinations.  Although there are exemptions for the acquisition of FMLA material and other incidental acquisitions of genetic information, cities should consult with their city attorney about any family medical histories or genetic information that are acquired by the city.

Gendler v. Batiste – Public Records Act and Traffic Accident Reports

Posted November 30, 2010 by Kristin Eick
Categories: Public Records Act, Washington Court of Appeals

In Gendler v. Batiste, the Court of Appeals held that the Washington State Patrol (WSP) was required to disclose historical bicycle accident records of accidents occurring on Seattle’s Montlake Bridge.  The requestor had suffered serious injuries when his bike tire became wedged in the bridge’s grating.  The requestor suspected that the bridge had been unsafe for cyclists since 1999 when the State replaced the bridge decking, and therefore, he sought records of other bicycle accidents from the WSP.  The WSP claimed that these records were exempt from public disclosure under federal law, 23 U.S.C. § 409, unless the requestor agreed not to use the information in litigation against the State. 

Under the Federal Highway Safety Act, states are required to identify and correct high-collision locations by collecting traffic records of accident locations, injury types, and environmental conditions.  Section 409 of the Act protects states from tort liability created by the increased self-reporting of hazardous collision data and provides that reports or data compiled or collected for the purpose of identifying, evaluating, or planning the safety enhancement of potential accident sites “shall not be subject to discovery or admitted into evidence in a Federal or State court proceeding or considered for other purposes in any action for damages arising from any occurrence at a location mentioned or addressed” in such reports or data.  The WSP argued that its police traffic collision reports fell under § 409 protection because it provided and WSDOT collected the data for the purposes of identifying and correcting high-collision locations. 

The court disagreed with the WSP, relying heavily upon Pierce County v. Guillen, 537 U.S. 129 (2003), a previous U.S. Supreme Court case reviewing the application of § 409 to Washington’s Public Records Act.  Guillen held that § 409 was inapplicable to information compiled or collected for purposes unrelated to identifying locations and priorities for improvements on the basis of crash experience pursuant to federal law.  The WSP is required to prepare accident reports on state highways under RCW 46.52.060, which the court considered an independent statutory obligation.  Because the WSP did not prepare or use the reports for Federal Highway Safety Act purposes, the protection offered by § 409 did not extend to the WSP by virtue of the fact that it designated WSDOT as its records custodian.  Therefore, the court concluded that while WSDOT was protected by § 409, the WSP was not because it prepared the accident reports for ordinary law enforcement purposes and not for purposes of complying with the Federal Highway Safety Act.

This case should have limited application to municipalities.  First, § 409 does not exempt accident reports from disclosure completely, but only provides that the reports or data cannot be admitted as evidence in a subsequent lawsuit for damages.  Section 409 is not a basis for withholding or redacting documents pursuant to a public records request; the WSP only tried to require the requestor to certify that he would not use the documents in a subsequent lawsuit prior to disclosure.  Second, there should be very limited circumstances in which a municipality is generating or compiling accident reports for Federal Highway Safety Act purposes.  If the reports or data are compiled or collected for unrelated purposes and are held by agencies that are not pursuing Federal Highway Safety Act purposes, § 409 protection will not apply at all.  Simply forwarding accident reports to WSDOT will not protect the documents in a subsequent proceeding.

The case is available here.

Teamsters Local 763 v. City of Mukilteo – Status Quo

Posted November 19, 2010 by Kristin Eick
Categories: Collective Bargaining, PERC, Washington Court of Appeals

This office was recently successful in overturning a trial court decision finding that the City had committed an unfair labor practice by failing to maintain the status quo after the expiration of a collective bargaining agreement.  When a collective bargaining agreement expires, an employer is required to maintain the terms and conditions of employment that existed when the agreement expired while negotiating a new agreement.  In this particular case, the City had agreed to pay health insurance premiums.  The City’s contribution increases were limited to a maximum increase of 11% above the 2001 rates in 2002, 10% above the 2002 rates in 2003, and 10% above the 2003 rates in 2004.  When the contract expired in 2005, the City continued to pay the same dollar amount it paid in 2004.  The Court of Appeals concluded that the City was only required to pay the fixed dollar amount it paid in 2004 during the contract negotiations, distinguishing between other cases of “dynamic status quo.”  For example, in previous PERC cases in which the employer was contractually obligated to pay 100% of the health insurance premiums, the Commission held that the employer would have to continue to pay 100% during the period of contract negotiations and committed an unfair labor practice by continuing to pay the same dollar amount previously paid.  However, because the City’s contribution each year was tied to the dollar amount paid in the first year of the contract, the City’s contribution was a fixed rate rather than a dynamic rate.  If you have any questions about status quo and dynamic status quo, please contact your city attorney.

Fitzpatrick v. Okanogan County – Flood Control Projects

Posted November 9, 2010 by Kristin Eick
Categories: Washington Supreme Court Opinion

In Fitzpatrick v. Okanogan County, 169 Wn.2d 598 (2010),  the Supreme Court held that the County and Washington State had no immunity from liability for an inverse condemnation claim arising out of the construction of a flood control project.  The County and the State had made major improvements to a dike located one-half mile upstream of the plaintiffs’ property, which was designed to provide flood protection to Highway 20 and some other property.  Hydrogeologist reports indicated that the dike work impacted the river by cutting off natural overflow channels, thereby compressing more flood flow into the main channel and reducing the flood conveyance capacity of the river upon which the plaintiffs’ property was situated.  During a flood event, the water washed away the plaintiffs’ home.  The Supreme Court affirmed that the common enemy doctrine did not apply, which allows landowners to alter the flow of surface water to the detriment of neighbors, so long as they do not block a watercourse or natural drainway.  Instead, the Court applied the “natural watercouse rule,” which prevents parties from interfering or diverting water from a natural watercourse and damaging other properties.  Essentially, the Court concluded that the water damaging the plaintiffs’ property was water within a natural watercourse – not surface water – which subjected the County and State to liability. 

This case is troubling since many governmental agencies either actively engage in constructing flood control projects or indirectly support private citizens who sandbag their property to prevent flooding.  Apparently, now flood waters which have formed a channel when they jump the banks of the river cannot be prevented without providing for this capacity in another area of the floodplain.  Presumably flood waters that sheet flow over the floodplain would still be considered outlaw waters subject to the common enemy doctrine.