Judge Rules LifeLock’s Fraud Alert Service Illegal

In a decision that has privacy advocates and others scratching their
heads, a federal judge has ruled that LifeLock has been
breaking California law for years by placing fraud alerts on its
customer’s credit profiles.

The decision is a blow to the burgeoning identify-theft protection industry, and means that companies that experience data breaches may no longer be able to offer victims free subscriptions to such services — a
standard damage-control tactic in recent years. Consumers can still place fraud alerts by contacting one of the three U.S. credit reporting agencies directly.

Bo Holland, founder and CEO of Debix, a competitor of LifeLock, called the ruling “dramatic and unexpected.”

“It causes a real shift in the industry,” he told Threat Level.

The pre-trial partial summary judgment comes in a lawsuit filed last year against LifeLock by Experian, one of the nation’s three credit reporting bureaus. Experian claimed LifeLock is trying to “game the system” of fraud alerts to make a profit.

LifeLock, a controversial company that gained notoriety for publishing its CEO’s Social Security number in advertisements
charges $120 a year to consumers to place fraud alerts on their credit profiles, among other services. The company also offers a $1 million guarantee to reimburse the expenses of any customer who suffers losses from identity theft while subscribed to LifeLock.

Continue Reading at WIRED