FTC says ID protector LifeLock violates settlement

The U.S. government says identity theft protection company LifeLock is still misleading consumers about the level of protection it provides, violating a $12-million settlement with regulators and 35 states.

The Federal Trade Commission says LifeLock did not set up a program to protect sensitive data like credit card numbers, Social Security numbers and bank account numbers, which the company agreed to do as part of the 2010 settlement.

The agency also says LifeLock didn’t keep records it had agreed to maintain and has falsely advertised that consumers’ data received the same level of protection as financial institutions get and that consumers would be alerted as soon as the company discovered a potential problem.

The FTC said Tuesday it asked a court to order LifeLock to provide redress to consumers.

In March of 2010, LifeLock agreed to pay $12 million and make changes to its business practices as part of a settlement with the FTC and 35 states. Most of the money was used to cover the cost of customer refunds. In court documents, the FTC says LifeLock violated parts of the order as recently as December 2014.

LifeLock says the FTC’s actions and statements are related to past business practices and that it is prepared to defend itself in court. The Tempe, Ariz.-based company says it has been cooperating and talking to the agency for a year and a half.

LifeLock said its revenue grew 25% to $134 million in the first quarter and that it set a record for new member growth as companies and government institutions continued to report data breaches. It had about 3.9 million members at the end of the quarter.