Todd Davis, the CEO of LifeLock is not the first CEO to appear in advertising, but was probably the first to prominently display his U.S. Social Security Number in full-page ads in major newspapers and billboards across the country. Although these ads disappeared a while ago, the action brought by the Federal Trade Commission and the Attorneys General of 35 states of the United States, has now resulted in a settlement valued at $11 million. FYI, the states involved were: Alaska, Arizona, California, Delaware, Florida, Hawaii, Idaho, Illinois, Indiana, Iowa, Kentucky, Maine, Maryland, Massachusetts, Michigan, Missouri, Mississippi, Montana, Nebraska, Nevada, New Mexico, New York, North Carolina, North Dakota, Ohio, Oregon, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Vermont, Virginia, Washington, and West Virginia. The settlement resolves claims that LifeLock’s advertising was deceptive and misleading and misrepresented the types of services consumers could expect if they become victims of identity theft and their personal information was compromised.
While LifeLock does provide some measure of identity-theft protection, it was apparently not as robust and comprehensive as the advertising might lead a consumer to believe (personal information would be “useless to a criminal”). As a result of the action, not only has LifeLock promised to make changes (or has already made changes) to address the FTC complaint – in its business practices as well as its advertising – but the complaint also named CEO Davis and his co-founder Robert J. Maynard, Jr., who both will be barred from making the same misrepresentations as LifeLock. The $11 million received from LifeLock will provide refunds to consumers who signed up for the service. Information about eligibility and how the redress program will work can be obtained directly from the FTC – LifeLock Redress Program.
FTC Chairman Leibowitz stated: “Consumers received far less protection than they were promised," noting further that LifeLock’s service was ineffective against identity theft involving existing credit cards or bank accounts. Despite the advertised claims, according to the FTC, LifeLock often did not encrypt data in storage or transmission, didn’t install any antivirus protection software on computers used by employees, and failed to even require strong password protection for employees’ access to systems and files.
The documents were filed by the FTC in the U.S. District Court for the District of Arizona, and you can obtain a full copy of the original Complaint and the Stipulated Final Judgments against LifeLock, Davis and Maynard, right here: Federal Trade Commission v. LifeLock.
The Advertising Technology & Media law practice has lawyers and the resources of Rimon’s litigation and regulatory enforcement team to help clients seeking to prevent legal and regulatory problems and, if necessary, defend you if they arise. We have a team of data security and identity-theft lawyers with hands-on experience who know how to respond if a data breach occurs and can counsel you in complying with federal and state requirements. Need to know more? Call Joe Rosenbaum, or any of the lawyers at Rimon with whom you work – and, by the way, don’t give out your Social Security Number.