Update: LifeLock to pay $12M to settle FTC, states' complaint
IDG News Service - LifeLock, an Arizona company promising customers protection from identity theft, has agreed to pay $12 million to settle charges that the company overstated its benefits and used "scare tactics" to gain subscribers.
Since 2006, LifeLock has promised in television and newspaper advertisements that it would protect customers from ID theft, but a complaint from the U.S. Federal Trade Commission and 35 state attorneys general said the company over-promised what benefits it could provide.
The company's $10-a-month subscription service provided some benefits, but "this was a fairly egregious case of deceptive advertising," said Jon Leibowitz, the FTC's chairman. "They promised protection, and they didn't deliver."
LifeLock's service, focused on fraud alerts for new accounts set up in a customer's name, could not protect customers from several types of ID theft, including misuse of existing credit accounts, Leibowitz said.
The company also told customers it encrypted their personal data and shared it between employees only on a "need-to-know" basis. However, LifeLock did not use encryption for personal data, the FTC said. The company's system was vulnerable to attacks, the FTC alleged.
A LifeLock spokeswoman did not immediately respond to a voice mail and an e-mail message asking for comments on the settlement.
One LifeLock TV ad showed a truck driving around a city with company Chairman and CEO Todd Davis' Social Security number written in large numbers on the side of the truck. Davis was later a victim of ID theft.
One of LifeLock's ads said its service prevented ID theft from "ever happening to you. Guaranteed." But the FTC knows of "several hundred" LifeLock customers who were victims of ID theft after subscribing to the service, Leibowitz said during a press conference in Chicago.
"There is nothing you can do or purchase that will provide you with a 100 percent guarantee against being a victim of identity theft," said Lisa Madigan, attorney general for Illinois. "But that doesn't mean you should do nothing."
U.S. residents can take several steps to help protect themselves against ID theft, including getting a free credit report once a year, Madigan said. But LifeLock sent prospective customers letters warning them they were at risk for ID theft.
"Don't be scared into spending your hard-earned money," Madigan said. "This is the typical tactic of scam artists."
LifeLock, despite promising it would pay up to $1 million for any ID theft losses suffered by customers, did not pay out-of-pocket expenses that customers incurred in trying to resolve ID theft problems, Madigan said.
The company will pay $11 million to the FTC and $1 million to the states to resolve the complaints, the FTC said. The FTC money will be used to reimburse LifeLock customers, Leibowitz said.
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5
- This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms
- In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86
- Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye
- Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe. All Government IT White Papers
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope...
- All Government IT Webcasts