Contact

The contact infrastructure for Identity Protection Authority supports inbound communication from service seekers, verified providers, researchers, and industry professionals with questions about provider network providers, scope determinations, or coverage boundaries. This page describes what geographic and topical scope the provider network covers, what information to include in a message to receive a substantive response, realistic timelines for replies, and the supplementary channels available for specific inquiry types.

Service area covered

Identity Protection Authority operates at national scope within the United States. The provider network's coverage is structured around the federal regulatory architecture governing consumer identity protection, including the Fair Credit Reporting Act (15 U.S.C. § 1681), the Federal Trade Commission's Identity Theft Program rules under 16 C.F.R. Part 603, and the FTC's consumer-facing recovery infrastructure at IdentityTheft.gov.

The provider network addresses four primary service categories that define the scope of valid contact inquiries:

  1. Identity monitoring and alert services — providers offering credit file monitoring, dark web scanning, Social Security Number tracking, and account takeover detection.
  2. Credit and financial fraud remediation — organizations involved in fraud alert placement, credit freeze administration, and dispute filing under the FCRA framework administered by the Consumer Financial Protection Bureau (CFPB).
  3. Regulatory and legal resources — public agency programs, nonprofit legal aid organizations, and licensed consumer attorneys operating within identity theft law, including relevant provisions of the Identity Theft Enforcement and Restitution Act (18 U.S.C. § 1028).
  4. Recovery and case management services — providers offering structured remediation workflows, power of attorney documentation support, and coordination with law enforcement for identity theft police reports.

Inquiries falling outside these four categories — including general cybersecurity consulting, enterprise data security, or questions about the provider network's parent network — are outside the scope this contact channel can address directly. State-specific variation in data breach notification law is acknowledged by the provider network but is not adjudicated here; as of 2023, all 50 states maintain individual data breach notification statutes, a landscape tracked by the National Conference of State Legislatures.

What to include in your message

Messages that include complete context receive faster, more precise responses. Incomplete submissions — those lacking the inquiry type, relevant category, or supporting detail — are routinely returned for clarification before any substantive engagement begins.

A well-structured message includes the following components:

  1. Inquiry category — Specify whether the message concerns a provider request, a provider correction, a coverage boundary question, a research inquiry, or a general provider network question.
  2. Entity name and type — Provide the full legal or operating name of the service provider or organization in question, along with the service category (monitoring, remediation, legal resource, or recovery).
  3. Geographic jurisdiction — Identify the primary state or states of operation. Providers serving all 50 states should state that explicitly.
  4. Regulatory or licensing details — Where applicable, reference relevant licensing bodies, statutory authorizations, or regulatory registrations. For credit-related services, cite whether the entity operates as a consumer reporting agency under the FCRA or as a third-party service provider.
  5. Supporting documentation references — Link to or name publicly accessible documents, agency registrations, or published sources that substantiate the inquiry. Unsupported factual assertions cannot be acted upon.
  6. Contact name and professional role — Messages from named individuals in identifiable professional roles are processed before anonymous submissions.

Inquiries concerning contested or inaccurate providers must include the specific provider URL from the Identity Protection Providers section, the nature of the alleged inaccuracy, and a citation to a named public source — such as an FTC enforcement action, a court record, or a state attorney general filing — that supports the correction request.

Response expectations

Response timelines vary by inquiry type and completeness. Standard provider network inquiries receive an acknowledgment as processing allows. Provider correction requests, which require internal review against named public sources, are processed as processing allows. Research or licensing-related inquiries that require scope determination review may require up to 15 business days.

Responses are not provided for:

Priority processing — defined as a response as processing allows — is reserved for verified regulatory agencies, law enforcement entities, and licensed legal professionals acting in an official capacity, provided that professional capacity is documented in the submission.

Additional contact options

For users who have reviewed provider network providers and require clarification on how the provider network is structured or how to navigate provider categories, the How to Use This Identity Protection Resource page provides detailed classification guidance without requiring a direct inquiry.

Researchers and policy professionals referencing the provider network's coverage methodology in published work may request a written scope statement for citation purposes. Such requests must identify the publication, the institutional affiliation of the requesting party, and the specific provider network sections to be cited.

Media and press inquiries follow the same submission process as standard contact. Attribution of provider network content in news coverage should reference the provider network's alignment with publicly available federal regulatory frameworks, including the FTC's identity theft program infrastructure and the CFPB's FCRA enforcement mandate, rather than attributing positions, opinions, or recommendations to the provider network itself.

Report a Data Error or Correction

Found incorrect information, an outdated fact, or a broken link? Use the form below.

To report a correction or suggest an update:

[email protected]

Please include the page URL and a description of the issue.

For general questions:

[email protected]

 ·   · 

References

Read Next

Identity Protection Listings ANA › Professional Services Authority Authority › National Cyber Authority Authority › Identity Protection Authority Identity Protection Providers The identity... Identity Protection Directory: Purpose and Scope ANA › Professional Services Authority Authority › National Cyber Authority Authority › Identity Protection Authority Identity Protection Network: Purpose and Scope... Cybersecurity Listings ANA › Professional Services Authority Authority › National Cyber Authority Authority › Identity Protection Authority Cybersecurity Providers The cybersecurity...