Originally published at Clarionledger.com on 7/29/2015.
We’ve all heard and seen the ads by LifeLock, which aggressively promote the company’s services of being able to protect and defend consumers against identity thieves. A pioneer of sorts in what was to become a highly profitable industry in a nation worried by potential identity theft, the company now is public and has a reported 3.6 million customers. But LifeLock now finds itself in hot water once again with federal regulators, who say they failed to live up to a 2010 settlement regarding alleged deceptive advertising and failing to practice what it preaches when it comes to its own customers.
The Federal Trade Commission last week asserted that LifeLock violated a 2010 settlement with the agency and 35 state attorneys general by “continuing to make deceptive claims about its identity theft protection services, and by failing to take steps required to protect its users’ data,” the FTC said in a news release.
“It is essential that companies live up to their obligations under orders obtained by the FTC,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection. “If a company continues with practices that violate orders and harm consumers, we will act.”
In the 2010 settlement, the FTC accused LifeLock of telling customers its services could provide a wide umbrella of protection against identity theft, but an FTC official noted at the time that the protection “left enough holes that you could drive a truck through it.” Furthermore, the company was accused of failing to protect its customers’ personal information — a key principle on which the company is founded. LifeLock was required to pay $12 million in refunds, ordered to start a stringent program to protect customer information and was barred from making any more “deceptive claims.” The company agreed to do so in the settlement.
But last week in an Arizona federal court, the FTC charged that from “at least October 2012 through March 2014,” LifeLock violated the 2010 Order by: 1) failing to establish and maintain a comprehensive information security program to protect its users’ sensitive personal data, including credit card, Social Security and bank account numbers; 2) falsely advertising it protected consumers’ sensitive data with the same high-level safeguards as financial institutions; and 3) failing to meet the 2010 order’s record-keeping requirements.
The FTC also asserts that from at least January 2012 through December 2014, LifeLock “falsely claimed it protected consumers’ identity 24/7/365 by providing alerts ‘as soon as’ it received any indication there was a problem.”
After the action was announced last week, CNBC reported that LifeLock stock plunged 49 percent. For its part, LifeLock disagrees with the claims. In a statement, the company noted, it is “prepared to take our case to court.”
“Security of our systems has always been, and will remain, of primary importance to us,” LifeLock’s statement read. “Based on the evidence, we do not believe that anything the FTC is alleging has resulted in any member’s data being taken.”
I often get asked the question if people really need services like those provided by LifeLock and other companies. Neither LifeLock nor any company can prevent identity theft from happening; it’s a crime of opportunity, often financed by international criminal organizations with deep pockets, taking advantage of security vulnerabilities. Sometimes, it’s just a simple matter of a greedy person sensing an opportunity. But if an identity thief wants your information badly enough, he can probably get it. If a monitoring system is alert enough, it could warn you if someone attempts to use your account (but then, so do most credit card companies).
And in reality, if you do become a victim, you can do much of the work of clearing your name for free, if you are willing to do it. Recovering from identity theft takes time and persistence, though; if considering an identity theft monitoring service, be sure you understand exactly what you can expect. Consumer Reports has an informative article at http://bit.ly/1mgRVSK. Financial Finesse (http://bit.ly/1Mt0Y0A) has some good advice as well.
And — just as you take action to protect your personal security such as locking your car door — you can decrease your risk by being careful. Adopt habits like shredding your documents, using passwords that are hard to guess, and not allowing your credit card out of your sight at restaurants. As always, vigilance is the key.