LifeLock will pay $100 Million for not Protecting Consumers' Personal Info
The Federal Trade Commission (FTC) hit LifeLock with the biggest fine in agency history for violating the terms of a 2010 federal court order that requires the company to secure consumers' personal information and prohibits the company from deceptive advertising.
Of the $100 million fine, $68 million will be used to provide refunds to consumers who are part of class action suit against the company.
LifeLock specializes in protection against identity theft and credit fraud, but failed to put security measures in place to protect their clients' privacy. Between October 2012 and March 2014, LifeLock failed to establish and maintain a comprehensive information security program to protect users' sensitive personal information including their social security, credit card, and bank account numbers.
During that time, the company falsely advertised that it protected consumers' sensitive data with the same high-level safeguards used by financial institutions and that it would send alerts as soon as it received indication that a consumer may be a victim of identity theft.
LifeLock also failed to abide by the original order's recordkeeping requirements.
Any money not received by consumers in the class action settlement or through settlements between LifeLock and state attorneys general will be provided to the FTC for use in further consumer redress.
In addition to the settlement's monetary provisions, recordkeeping provisions similar to those in the 2010 order have been extended to 13 years from the date of the original order.
Commissioner Maureen Ohlhausen voted no against the order.