Lifelock Found To Be Illegally Placing Fraud Alerts On Credit Profiles
from the oops dept
There are all sorts of questions about Lifelock, the company that claims to help protect you from identify theft. There were the stories that the founders of the company had previously been involved in identity fraud operations. And, of course, there’s the whole issue with the company’s CEO becoming a victim of identity fraud, while out promoting the service, by happily displaying his social security number in ads. In response to this, rather than letting the police handle the situation, the CEO hunted down the guy who impersonated him with a camera crew and coerced a “confession” out of the guy. This basically ruined the police investigation and they gave up prosecuting the case, saying that the evidence was tainted. Oh yeah, and there’s the matter of the class action lawsuit against the company from customers who realized that Lifelock doesn’t do much to actually prevent identity theft.
However, it’s still surprising to find out that a court has ruled that Lifelock’s fraud alert services are illegal. The lawsuit was brought by Experian, one of the big credit rating agencies, complaining that Lifelock abuses the fraud alert process. By law, the credit ratings agencies need to agree to put a free fraud alert on an account at the request of the account holder if they feel they’re at risk of identity fraud. The alert requires anyone trying to open a new line of credit to first confirm with the customer before being able to extend the line of credit (basically, if someone tries to open a new credit card, the cardholder gets a call to make sure they really wanted it).
This is a free service, which lasts for 3 months — at which point you need to proactively renew it. One of Lifelock’s services is putting that alert on your accounts and promptly renewing it when the 3 months are up. Even though anyone can set their own up for free, for some people it’s worth paying Lifelock to manage that process. Experian claimed it was an abuse, well beyond what the law was intended for, and that it was costing the company a ton of money to manage all of these requests. The judge agreed, noting that the lawmakers did not appear to intend for individuals to have middlemen place and manage fraud alerts.
While I’m somewhat skeptical of Lifelock, the idea that a company can’t manage such alerts for an individual seems somewhat silly and counterproductive. The issue, though, probably isn’t so much with the ruling, but with the law. Perhaps Congress should simply fix it and make it clear that if you want to pay some company to manage such alerts for you, that’s perfectly fine.