Identity theft protection service LifeLock is once again in hot water with the federal government. Earlier today, the U.S. Federal Trade Commission (FTC) charged that the company is making deceptive claims about its services and has failed to protect its own customers’ personal data in violation of a 2010 settlement over similar charges.
In 2010, LifeLock agreed to pay $11 million to the FTC and $1 million to a group of 35 state attorneys general to settle charges of false advertising. LifeLock was charged with failing to encrypt its own customers’ data (among other problems) and was ordered to establish “a comprehensive data security program” as part of the settlement. The government also imposed a record-keeping requirement on LifeLock.
Now, the FTC is charging that LifeLock has failed to live up with the 2010 agreement by not protecting the credit card, bank account and social security data of its customers. It is also alleged that LifeLock continues to engage in false advertising with respect to its data security program.
“It is essential that companies live up to their obligations under orders obtained by the FTC,” says FTC Bureau of Consumer Protection Director Jessica Rich. “If a company continues with practices that violate orders and harm consumers, we will act.” LifeLock, for its part, says that it disagrees with the FTC assessment and insists its current business practices are on the up and up.
Specific details of the FTC action were filed under seal with the U.S. District Court for the District of Arizona. It is up to the court to decide what details about the case to make public.
Want real protection against identity theft? Check out our story The Best Way to Stop Identity Theft, which offers some free ways to keep your data safe. You should also make note of the FTC’s own recovery site for identity theft victims, which has key information for dealing with all the varied types of identity-related crimes.
[Image credit: LifeLock]
