On July 31, after reading a news story about a breach involving a school district, I emailed the FTC to ask for clarification on FACTA:
I have searched and searched but cannot find a definitive answer to
the following:Are k-12 public school districts covered by FACTA? Assume for purposes
of my question that there is no lunch program on credit. My question
is more oriented as to whether the employees are covered by FACTA’s
disposal rule and identity theft protections.As I read it, FACTA applies to “consumers.” But are employees “consumers” for purposes of the statute?
Thank you for any clarification you can provide.
/Dissent
They never answered me, so on August 10, I re-sent the inquiry, noting I had received no response and would appreciate one.
They continued to ignore my inquiry, so I sent a third request on August 27.
I still haven’t gotten any response.
Why the FTC would just ignore an inquiry from a privacy advocate is puzzling. Is my question a stupid one, unworthy of a response? I doubt it, because I’ve discussed my question with a privacy law scholar, who also found himself having to guess at the answer.
If a member of Congress asks the FTC my question, will the FTC answer it? If that’s what it takes, I’ll try that route, but I really shouldn’t need to, should I?
C’mon, FTC. I know your busy, but it’s a month and a half now. I think the courtesy of a response is in order.
Does this help? https://www.tasb.org/Services/Legal-Services/TASB-School-Law-eSource/Personnel/documents/facta_and_sch_dists_aug2013
I had read that. That’s how one state’s school boards association interprets FACTA. I want to know how FTC interprets it, as they are the regulator/have enforcement authority. But thanks for trying to help.
I suggest doing it the old fashion way, send them a letter in the mail. You might want to reference the other attempts at trying to get a question answered online with no response. Unless they are lost for an answer and have reverted to visiting the archives and breaking out the ancient tomes to see if there is truly an answer, it shouldn’t take that long.
Heck, an honest quick, short reply like, we are unsure, and we have begun the search for an answer. If we find one we will let you know.
No response and no email kicked back means it should have been delivered to some email box, but who knows if that box is monitored anymore, or how often it is looked at. Send other one to them. This time simply CC everyone you can find that “works” in that establishment. Maybe some one then will have a clue and offer a response.
I’m confident they got my emails, as I’ve dealt with them many times over the years. No, they’re ignoring this one, and it may be they don’t want to commit to their interpretation of the statute. But I’ve checked with privacy law scholars who are also uncertain of the statute’s application, and in the interest of Fair Notice, I would hope that the FTC would answer the question before they might try to enforce.