The growth and expansion of information technology and electronic communication have made it increasingly easy to collect, maintain, and transfer personal information about individuals. Advancements in technology also have led to increasing threats to the integrity and privacy of personal information. The Fair Credit Reporting Act of 1970 (‘‘FCRA’’), as amended in 2003, required several federal agencies to issue joint rules and guidelines regarding the detection, prevention, and mitigation of identity theft for entities that are subject to their respective enforcement authorities (also known as the “identity theft red flag rules”). At the time the Agencies adopted their rules; the…