Lifelock, the tragicomically awful identity-theft protection service, has settled the FTC's suit against it, agreeing to pay a $100M fine for violating its 2010 promise to end its deceptive advertising practices.
You may remember Lifelock from such craptastic moments as: Anti-identity-theft huckster has had identity stolen at least 13 times and this week's How a man stalked his ex-wife using a popular identity theft protection service.
Lifelock previously stated that the FTV would have to prevail in court to get any money out of it, because it had not done anything wrong.
Under the previous deal, LifeLock was barred from making deceptive claims about services and was required to take more stringent measures to safeguard the personal information it collects from customers.
LifeLock had essentially promised not to misrepresent that its services offer “absolute protection against identity theft because there is, unfortunately, no foolproof way to avoid ID theft.”
But those are promises LifeLock hasn’t abided by, the FTC claims in its recently filed order.
According to the FTC, LifeLock failed to establish and maintain a comprehensive information security program to protect users’ sensitive personal information, including their social security, credit card and bank account numbers.
Despite these failings, the company routinely advertised that it protected consumers’ sensitive data with the same high-level safeguards used by financial institutions.
From January 2012 through December 2014, the FTC alleges that LifeLock falsely advertised it would send alerts “as soon as” it received any indication that a consumer may be a victim of identity theft.
Additionally, the complaint states that LifeLock violated its previous order by failing to establish and maintain a comprehensive information security program to protect its users’ sensitive personal data, including credit card, social security, and bank account numbers.
Identity Theft Company LifeLock Once Again Failed To Actually Keep Identities Protected, Must Pay $100M