DiscGo
03-10-2010, 08:14 AM
LifeLock Has To Pay $12 Million For Bogus Advertising, Little Actual Protection And Awful Security
...The FTC (along with 35 state attorneys general) has fined Lifelock $12 million for a variety of misdeeds, starting with bogus advertising. This should be no surprise to Techdirt readers, as the discussions around LifeLock have always raised a lot more questions than were answered. It kicked off with the fact that LifeLock's CEO, who proudly places his Social Security Number on ads to "prove" how convinced he is that LifeLock will protect him... was a victim of identity fraud himself. Oh, and there was also the stuff about how one of the founder's of the company had a past that involved doing bad things with the private information of his own customers. And then there was the story about how the CEO of LifeLock, after having his own identity fraudulently used, went to the home of the guy who did it to "coerce a confession."
But the bigger questions were about the service itself. All it really did was put a fraud block on your credit, which you could do for free. It didn't stop people from using your existing credit cards if they had access to the information, or from taking out loans in your name (which is what happened to the CEO) -- even though its advertisements implied you'd be safe from such situations (which are more common than someone taking out a credit card in your name). Oh, and then there was the fact that the fraud reports that Lifelock would put on accounts were found to be illegal.
All that looks pretty bad -- and it gets worse as you read the details of the FTC slapdown. There was the questionable advertising, which went beyond just false implied promises -- to sending out letters that tried to claim that the recipient's info "wasn't safe" as a scare tactic. On top of that, apparently, LifeLock itself wasn't particularly secure with how it handled its customers private information. This fact looks even worse when you realize that LifeLock would prey on firms who had recently had data breaches, and suggest they sign up customers for a "free" year of LifeLock -- thereby putting their data at risk yet again. Not only was the data not properly handled, but LifeLock falsely claimed that the data was encrypted and only authorized employees would have access. Neither turned out to be true. Basically, it sounds like rather than protect your identity, LifeLock put you at greater risk.
http://techdirt.com/articles/20100309/1455598482.shtml
...The FTC (along with 35 state attorneys general) has fined Lifelock $12 million for a variety of misdeeds, starting with bogus advertising. This should be no surprise to Techdirt readers, as the discussions around LifeLock have always raised a lot more questions than were answered. It kicked off with the fact that LifeLock's CEO, who proudly places his Social Security Number on ads to "prove" how convinced he is that LifeLock will protect him... was a victim of identity fraud himself. Oh, and there was also the stuff about how one of the founder's of the company had a past that involved doing bad things with the private information of his own customers. And then there was the story about how the CEO of LifeLock, after having his own identity fraudulently used, went to the home of the guy who did it to "coerce a confession."
But the bigger questions were about the service itself. All it really did was put a fraud block on your credit, which you could do for free. It didn't stop people from using your existing credit cards if they had access to the information, or from taking out loans in your name (which is what happened to the CEO) -- even though its advertisements implied you'd be safe from such situations (which are more common than someone taking out a credit card in your name). Oh, and then there was the fact that the fraud reports that Lifelock would put on accounts were found to be illegal.
All that looks pretty bad -- and it gets worse as you read the details of the FTC slapdown. There was the questionable advertising, which went beyond just false implied promises -- to sending out letters that tried to claim that the recipient's info "wasn't safe" as a scare tactic. On top of that, apparently, LifeLock itself wasn't particularly secure with how it handled its customers private information. This fact looks even worse when you realize that LifeLock would prey on firms who had recently had data breaches, and suggest they sign up customers for a "free" year of LifeLock -- thereby putting their data at risk yet again. Not only was the data not properly handled, but LifeLock falsely claimed that the data was encrypted and only authorized employees would have access. Neither turned out to be true. Basically, it sounds like rather than protect your identity, LifeLock put you at greater risk.
http://techdirt.com/articles/20100309/1455598482.shtml