Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

LifeLock Fails Customers: Must Pay Record $100 Million Dollars

December 21, 2015

The Federal Trade Commission (FTC) announced on December 17th that LifeLock will pay $100 million to settle FTC contempt charges that it violated the terms of a 2010 federal court order that required the company to secure consumers’ personal information and prohibited the company from deceptive advertising. That is the largest monetary award obtained by the FTC in an order enforcement action.

The FTC’s filing in the case alleged that LifeLock violated four components of the 2010 order. First, the FTC alleged that from at least October 2012 through March 2014, LifeLock failed to establish and maintain a comprehensive information security program to protect users’ sensitive personal information including their social security, credit card and bank account numbers.

Second, the filing alleged that during this period LifeLock falsely advertised that it protected consumers’ sensitive data with the same high-level safeguards used by financial institutions. Third, the FTC alleged that, from January 2012 through December 2014, LifeLock falsely advertised that it would send alerts “as soon as” it received any indication that a consumer might be a victim of identity theft. Finally, the FTC alleged that the company failed to abide by the order’s recordkeeping requirements.

Under the terms of the settlement, LifeLock must deposit $100 million into the registry of the U.S. District Court for the District of Arizona. Of that $100 million, $68 million may be used to redress fees paid to LifeLock by class action consumers who were allegedly injured by the same behavior alleged by the FTC. These funds, however, must be paid directly to and received by consumers, and may not be used for any administrative or legal costs associated with the class action.

Any money not received by consumers in the class action settlement or through settlements between LifeLock and state attorneys general will be provided to the FTC for use in further consumer redress.

In addition to the settlement’s monetary provisions, recordkeeping provisions similar to those in the 2010 order have been extended to 13 years from the date of the original order.

You may recall that LifeLock’s CEO, Todd Davis, famously advertised his company’s services by displaying his social security number in ads. That act of hubris reportedly resulted in Davis’ identity being stolen 13 times. Poetic justice.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

LifeLock Fails Customers: Must Pay Record $100 Million Dollars

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer