LifeLock ordered to pay $100M to consumers
WASHINGTON - LifeLock is paying $100 million to consumers to settle charges by federal regulators that it failed to take adequate measures to protect customers' personal data under a court order.
WASHINGTON - LifeLock is paying $100 million to consumers to settle charges by federal regulators that it failed to take adequate measures to protect customers' personal data under a court order.
The Federal Trade Commission announced the settlement Thursday with the provider of identity-theft protection.
The agency says it's the largest settlement it has won in this type of enforcement case.
The 2010 order by a federal court required LifeLock Inc. to secure customers' data, such as credit card and Social Security numbers, and to avoid false advertising claims. The order resulted from an action brought by the FTC and attorneys general in 35 states, alleging that LifeLock used false claims to promote its services. The company paid $12 million in that settlement, which went mostly to customer refunds, and agreed to make changes to its business practices.
The FTC said that LifeLock violated the order by failing to maintain "a comprehensive information-security program" and to avoid deceptive advertising.
LifeLock is based in Tempe, Ariz. Company cofounder and CEO Todd Davis used to put his own Social Security number on business cards and company trucks to advertise LifeLock's services.
LifeLock noted Thursday that it neither confirms nor denies the government's allegations under terms of the new settlement. Once it is approved by the court, the settlement will help bring to a close the FTC case as well as a class-action lawsuit, the company said.
"The allegations raised by the FTC are related to advertisements that we no longer run and policies that are no longer in place," LifeLock said in a statement. "The settlement does not require us to change any of our current products or practices. Furthermore, there is no evidence that LifeLock has ever had any of its customers' data stolen, and the FTC did not allege otherwise."
In the latest action, the FTC alleged that LifeLock violated the 2010 order in 2012-14. For example, the company falsely advertised that it would send alerts to customers "as soon as" it saw signs of possible identity theft, the agency said.
Of the $100 million LifeLock is paying consumers, $68 million may be used to reimburse consumers for fees paid to LifeLock under the class-action suit. The remaining $32 million will go to the FTC.