By Mary Tomkins on Tuesday, 09 March 2010
Category: Economy & Current Events

LifeLock Customers Getting a Refund

Since 2006, Lifelock Inc. ads have claimed that it could prevent identity theft for consumers willing to sign up for its $10-a-month service. The company even went so far as to put the CEO's social security number on the side of a truck in big, bold print as if daring any identity thief to steal it.

The Federal Trade Commission reported today that Lifelock, Inc. has agreed to a $12 million settlement for making false claims to promote their service.

It's one of the largest FTC-state coordinated settlements on record. Under the settlement, Lifelock is barred from making deceptive claims and is also required to take more stringent measures to safeguard the personal information they collect from customers.

Some of the claims in the past made by Lifelock:

"By now you’ve heard about individuals whose identities have been stolen by identity thieves . . . LifeLock protects against this ever happening to you. Guaranteed."

"Please know that we are the first company to prevent identity theft from occurring."

"Do you ever worry about identity theft? If so, it’s time you got to know LifeLock. We work to stop identity theft before it happens."

FTC Chairman Jon Leibowitz said, "While LifeLock promised consumers complete protection against all types of identity theft, in truth, the protection it actually provided left enough holes that you could drive a truck through it."

The FTC charged that Lifelock only protected against certain forms of identity theft - the type where the thief applies for new credit accounts by using the victim's personal information such as a social security number. According to an FTC survey conducted in 2007, new account fraud made up only 17% of identity theft incidents.

But Lifelock's services did nothing to stop the most common form of identity theft - crooks fraudulently using customers' existing accounts, such as when a credit card number is stolen. It also didn't offer any protection against the type of fraud where a crook steals someone's identity to obtain medical care or to get a job.

"And even for types of identity theft for which fraud alerts are most effective, they do not provide absolute protection," the FTC said in a statement. "They alert creditors opening new accounts to take reasonable measures to verify that the individual applying for credit actually is who he or she claims to be, but in some instances, identity thieves can thwart even reasonable precautions."

The FTC’s complaint further alleged that LifeLock also claimed that it would prevent unauthorized changes to customers’ address information, that it constantly monitored activity on customer credit reports, and that it would ensure that a customer always would receive a telephone call from a potential creditor before a new account was opened. The FTC charged that those claims were false.

In addition to deceptive identity theft protection claims, the FTC alleged that LifeLock made claims about its own data security that were not true. According to the FTC, LifeLock routinely collected sensitive information from its customers, including their social security numbers and credit card numbers.

The FTC also charged that the company made false claims regarding the security measures taken with customer's personal information.

The FTC charged that LifeLock’s data was not encrypted, and sensitive consumer information was not shared only on a “need to know” basis as LifeLock has claimed.

According to the FTC, LifeLock claimed to use "highly secure physical, electronic, and managerial procedures to safeguard the confidentiality and security of the data you provide to us." In fact, the agency charged, the company’s data system was vulnerable and could have been exploited by those seeking access to customer information.

"This agreement effectively prevents LifeLock from misrepresenting that its services offer absolute prevention against identity theft because there is unfortunately no foolproof way to avoid ID theft," Illinois Attorney General Lisa Madigan said. "Consumers can take definitive steps to minimize the chances of having their personal information stolen, and this settlement will help them make more informed decisions about whether to enroll in ID theft protection services."

Of the settlement, $11 million will be paid to the FTC to reimburse LifeLock customers and $1 million will be paid to a group of 35 state attorneys.

The FTC will be sending letters to the current and former customers of LifeLock who may be eligible for refunds under the settlement, along with instructions for applying. Customers do not have to contact the FTC to be eligible for refunds. Up-to-date information about the redress program can be found at 202-326-3757 and at www.ftc.gov/lifelock.



Source:
Federal Trade Commission
Leave Comments