News & Articles‎ > ‎Articles‎ > ‎

FTC Takes Action Against LifeLock for Alleged Violations of 2010 Order

posted Jul 21, 2015, 12:36 PM by Resty Manapat

FTC Asserts LifeLock Failed to Institute Security Program And Misled Consumers About Its Identity Protection Services

The Federal Trade Commission today asserted that LifeLock violated a 2010 settlement with the agency and 35 state attorneys general by continuing to make deceptive claims about its identity theft protection services, and by failing to take steps required to protect its users’ data.

In documents filed with the U.S. District Court for the District of Arizona, the FTC charged that LifeLock failed to live up to its obligations under the 2010 settlement, and asked the court to impose an order requiring LifeLock to provide full redress to all consumers affected by the company’s order violations.

“It is essential that companies live up to their obligations under orders obtained by the FTC,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection. “If a company continues with practices that violate orders and harm consumers, we will act.”

The 2010 settlement stemmed from previous FTC allegations that LifeLock used false claims to promote its identity theft protection services. The settlement barred the company and its principals from making any further deceptive claims; required LifeLock to take more stringent measures to safeguard the personal information it collects from customers; and required LifeLock to pay $12 million for consumer refunds.

The FTC charged today that in spite of these promises, from at least October 2012 through March 2014, LifeLock violated the 2010 Order by: 1) failing to establish and maintain a comprehensive information security program to protect its users’ sensitive personal data, including credit card, social security, and bank account numbers; 2) falsely advertising that it protected consumers’ sensitive data with the same high-level safeguards as financial institutions; and 3) failing to meet the 2010 order’s recordkeeping requirements.

The FTC also asserts that from at least January 2012 through December 2014, LifeLock falsely claimed it protected consumers’ identity 24/7/365 by providing alerts “as soon as” it received any indication there was a problem.

Details of the FTC’s action against the company were filed under seal. The court will determine which portions of the case will be unsealed.

The Commission vote to file the application for a show cause order was 4-1, with Commissioner Maureen K. Ohlhausen voting no.

 

Source: Federal Trade Commission

Comments