Subscribe

RSSAdd blog to your RSS reader

All Topics

Contact Us

212.451.2258

ADVERTISING@OLSHANLAW.COM

LifeLock Settles Charges by the FTC and 35 States That Identity Theft Prevention and Data Security Claims Were False

On March 9, 2010 the identity theft protection service, LifeLock, settled charges made by the Federal Trade Commission and 35 states alleging that the company made false claims.

On March 9, 2010 the identity theft protection service, LifeLock, settled charges made by the Federal Trade Commission and 35 states alleging that the company made false claims. The settlement would provide $11 million to the FTC and $1 million to the group of states that include California, Florida, Massachusetts, New York and Pennsylvania. Moreover, LifeLock and its co-founders will be barred from making any deceptive claims about its services and will be required to take strict measures to safeguard the sensitive information of their customers.

The FTC, in its complaint, stated that LifeLock had claimed it could guarantee that identity theft would never happen to customers who purchase its services. To prove this point, it even advertised the CEO's social security number as a demonstration of total confidence. Moreover, LifeLock claimed that it is the "first company to prevent identity theft from occurring" and it "stop[s] identity theft before it happens." According to the FTC's Chairman, Jon Leibowitz, these claims are blatantly false and "the protection it actually provided left enough holes that you could drive a truck through it."

Allegedly, LifeLock provided no protection against the misuse of existing accounts, which happens to be the most common form of identity theft. Its services also provided no protection from medical or employment identity theft. More importantly, information given directly to LifeLock, such as social security and credit card numbers, was also inadequately protected. LifeLock claimed that only authorized employees of LifeLock had access to the information, that it was only provided on a "need-to-know" basis and that the storage of the date was electronically encrypted. The FTC explicitly negated these statements and even stated that the company's system was vulnerable and could have been exploited.

The FTC will be sending out letters to eligible former and current LifeLock customers and will use the money from the settlement to provide refunds to those consumers.

To learn more about our Marketing and Promotions practice, click here.

Back to Page