Lifelock Found To Be Illegally Placing Fraud Alerts On Credit Profiles

from the oops dept

There are all sorts of questions about Lifelock, the company that claims to help protect you from identify theft. There were the stories that the founders of the company had previously been involved in identity fraud operations. And, of course, there’s the whole issue with the company’s CEO becoming a victim of identity fraud, while out promoting the service, by happily displaying his social security number in ads. In response to this, rather than letting the police handle the situation, the CEO hunted down the guy who impersonated him with a camera crew and coerced a “confession” out of the guy. This basically ruined the police investigation and they gave up prosecuting the case, saying that the evidence was tainted. Oh yeah, and there’s the matter of the class action lawsuit against the company from customers who realized that Lifelock doesn’t do much to actually prevent identity theft.

However, it’s still surprising to find out that a court has ruled that Lifelock’s fraud alert services are illegal. The lawsuit was brought by Experian, one of the big credit rating agencies, complaining that Lifelock abuses the fraud alert process. By law, the credit ratings agencies need to agree to put a free fraud alert on an account at the request of the account holder if they feel they’re at risk of identity fraud. The alert requires anyone trying to open a new line of credit to first confirm with the customer before being able to extend the line of credit (basically, if someone tries to open a new credit card, the cardholder gets a call to make sure they really wanted it).

This is a free service, which lasts for 3 months — at which point you need to proactively renew it. One of Lifelock’s services is putting that alert on your accounts and promptly renewing it when the 3 months are up. Even though anyone can set their own up for free, for some people it’s worth paying Lifelock to manage that process. Experian claimed it was an abuse, well beyond what the law was intended for, and that it was costing the company a ton of money to manage all of these requests. The judge agreed, noting that the lawmakers did not appear to intend for individuals to have middlemen place and manage fraud alerts.

While I’m somewhat skeptical of Lifelock, the idea that a company can’t manage such alerts for an individual seems somewhat silly and counterproductive. The issue, though, probably isn’t so much with the ruling, but with the law. Perhaps Congress should simply fix it and make it clear that if you want to pay some company to manage such alerts for you, that’s perfectly fine.

Filed Under: ,
Companies: experian, lifelock

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Lifelock Found To Be Illegally Placing Fraud Alerts On Credit Profiles”

Subscribe: RSS Leave a comment
Eric M. says:

Re: Lifelock

Fred, the reason the fraud alert isn’t on by default, is because once that alert is in place, it can, at times be an extreme pain in the ass to open a line of credit with a store or finance anything. You have to in some cases talk with numerous credit bureau’s, answering off the wall questions that only you would know (and sometimes you won’t even know the answers), they want you to call them back from a specific phone number that you originally setup the fraud alert with. Lots of things come into play when that fraud alert is placed, and it can be a real hassle.

Fred H Schlegel (profile) says:

Re: Re: Lifelock

I guess maybe that should be the point. The problem with the current system is that a store can give out credit to a scammer and it ends up being your responsibility to prove otherwise to everyone involved. Also a pain. If the store and credit agencies took responsibility for their own mistakes then I guess it wouldn’t matter as much.

Doctor Strange says:


Unfortunately Lifelock didn’t choose a very good business model. Shame for them really. Of course, this is a real opportunity for them: not only do they have a large customer base, but they also have this jolt of increased attention from the lawsuit. Surely they will be able to leverage this and choose a better business model going forward.


Ima Fish (profile) says:

Re: Re:

Unfortunately Lifelock didn’t choose a very good business model.

God, you miss the entire point of this blog. When people here say that a company needs a new business model, it’s because the company is demanding protection of its old business model. The company wants the government, courts, ISPs, and consumers to ignore reality and enforce its business model by making any reasonable alternatives illegal.

Here, Lifelock is not demanding such protection. In fact, the only company that did demand protection was Experian. Instead of following the law and providing the locks every three months, as the law requires, it ran to court to protect itself.

So not only was your sarcasm incorrect, it was completely wrong.

Freedom says:

Poor Credit Card Companies...

I’m no fan of life lock – to me it is as useless as On-Star – at least in my life.

With that said, the problem is the that you can’t have a fraud alert flag on your account for more than 3 months. All the reporting agencies have to do is extend this period and wham they have reduce their costs of responding to life lock’s request and at the same time kicked them in the **** by making their business model/sales pitch less useful.

I hate Apple with a passion, but there are some that love it. If I’m in a business, I find a way to profit off those that use Apple. (Same story for the old days with AOL when it was the in-thing.) The Credit Card companies should realize the opporunity hear and the fact that someone is filling a niche – itstead of whining about the business filling the niche, do it yourself – after all it is your system and you should be able to have a better program than anyone.


fogbugz says:

No, they should REALLY fix the law

>>Perhaps Congress should simply fix it and make it clear that if you want to pay some company to manage such alerts for you, that’s perfectly fine.

No, they should really fix the law and let individuals put permanent blocks on their records if that is what they want to do. The credit reporting agencies don’t want this because it means they can’t sell the data on a blocked account.

NaturalDoc says:

Re: No, they should REALLY fix the law

Excellent point. Experian did nothing more than alleviate a viable option for Americans to protect themselves from criminals. It had everything to do with the money Experian was losing and had nothing to do with upholding the law. The law is supposed to be for, by and of the people, and in this case the “people” have spoken. We don’t protection from criminals. We want to give the power to them so that we can keep the reporting agencies wallets full.

Anna (profile) says:

As someone who used Lifelock, I’ve actually gotten one of those phone calls asking about extending credit, from my phone company – turned out they wanted to increase my credit limit (my teenager was racking up some LD charges chatting with his gf). That one phone call saved me several hundred dollars (they wanted to up it from $200 to $1000). Instead, I was able to get onto a different plan so the calls were free in the future.

For me, it’s worth it. (I have been notified that information had been stolen, which is why I’d signed up in the first place.)

Yes – I could, theoretically, go in and place those holds myself. But – I use online banking so that I don’t have to remember to write out checks, that’s the bank’s job. Why shouldn’t I be able to pay a company do this for me?

Yes – permanent blocks would be better – but that just ain’t gonna happen and we all know it.

Denise Richardson (profile) says:

It's all about the Benjamins -not consumers.

Simply put -Experian loses money when we consumers set fraud alerts, opt-out, etc. and that’s why they make them deactivate every 90 days. Truth is, they lobbied fiercely against our right to freeze our credit -hoping that Congress would only allow us to do so -after we became victims of an identity theft! Thanks to our advocates -they didn’t get their way on that one!

LifeLock isn’t the only company offering the convenience of placing our fraud alerts every 90 days -yet they were the only company sued because they are big enough to affect Experian’s profits. If Experian focused more on perfecting its procedures and less on its profits, LifeLock wouldn’t be even a blip on their radar. Looks like they are the ones that need to be legislated into being responsible and accountable for this now #1 crime. Why is it TransUnion is working with LifeLock in placing fraud alerts and not against them? Looks like they are trying to work together to solve the real problem and not exacerbate it for profits! See Memo to Experian: Identity Theft is the problem, NOT your competitors!

d0n0vAn says:


I am not a customer of LifeLock but I was a customer a couple years ago. I applied for a car note and VW credit called me at the dealer before extending credit to me. I liked that and I wish every entity extending credit HAD to perform the same personal interaction with a client before extending credit. Why? Because fraud costs everyone more.

Michael Thomas says:

re: Lifelock

The law (FCRA) was explicit and was clearly, specifically written to disallow companies from setting fraud alerts (using the term “individuals”). There was no question of the intent of the law to exclude companies.

The judge’s job is to respect, interpret and uphold the law. His ruling in Experian v. Lifelock did just that. In fact, the evidence was so clear and not in dispute on the claim, he issued a partial summary judgment. This means the THE CLAIM DID NOT EVEN NEED TO GO TO TRIAL. That’s how blatantly Lifelock violated the law.

The judge did his job; he upheld the law. If you don’t like it, work to get the law changed.

Now Lifelock, Debix TrustedID and similar companies are in trouble because Experian can file for injunctions to stop their illegal business practices (Debix already caved in and dumped their fraud alert product). After than comes damages. And there are still eight other claims in Experian v Lifelock that are on track to go to trial later this year.

AnonCow says:

Added work for Experian? I’m not buying that explanation. They do keep track of my credit info on computers right? It’s not like some dude has to get a box of paperwork out of a warehouse.

I’ll bet that the company requesting the credit report doesn’t have to pay Experian for the credit report or only pays a partial amount if there is a block on the customer’s account, so blocked accounts cost Experian money.

With the pervasiveness of fraud and ID theft today, wouldn’t it make sense that ALL credit files from the three agencies are, by default, blocked and the consumer has to request that it be unblocked?

Sorry, hate to muck up this discussion with common sense…

Edwina says:

Lifelock is a scam

The people at lifelock are fed free lunches, given bonuses, treated to Wii in their break rooms and sit in one of the most expensive office buildings in the state of Arizona overlooking Tempe Town Lake. They spend a TON of money on frivilous B.S. like NASCAR and their company parties are full weekends at posh country clubs. In this economy, with people taking pay cuts, what the heck is Todd Davis thinking? Give it to them Judge!

Fred (profile) says:

What gives Experian the right

Who the hell gave Experian or any of the other credit “reporting” fascists the right to exchange my personal financial data? They should be paying me directly for the privilege. I didn’t vote for them. I don’t care if having to notify everyone they track of any transaction, because their system is so insecure that any transaction IS a potential fraud, costs them money. If they lose money on their business model that’s their problem. Their lax security and automatic participation in fraud via internal “reporting” schemes is an obvious flaw in their business model, and they should be the only ones to pay the relevant costs.

Jim Moore (user link) says:


This outfit is another example of an outfit trying to find some chink is the rules, dream up some esoteric description of its “services” and get rich under the old “the sky is falling ruse:” The fraud alert is basically that for a mere $99 bucks (in my case) they will cry “wolf” for you by lying to the Credit folks. The most important part of your credit profile is your FICO score about which they do absolutely nothing. Equifax refused to sell me my credit score because my profile is under investigation, which is an euphemism for under a fake fraud alert. The reason they can “work so quietly” in the background is because they ain’t doing anything. The “business model” they seem to model is the Wall Street derivative scam which just wrecked the economy. Much more trouble than they are worth. Wonder what happened to the Freedom of Information Act? Maybe when we are planning our personal budgets, we should set up a scam fund…

Kerry (profile) says:

Opt Out Detectives

Just thought I’d share that Opt Out Detectives has a one time fee, offers the same name removal info as lifelock and more. You just do it yourself. They actually did a great blog on Todd Davis and how easily his personal info is out there. Check out the blog they did at

It’s worth a quick look…

Vladimir (user link) says:

Russian car in an Experian ad online?

EXPERIAN displays a 40 year old Russian car in their internet advertisement. LADA (ZHIGULI) car in an auto insurance ad in USA? What for? Some russian computerist is proud of achievements of his long gone homeland empire? Is a copy of a FIAT the best Russia can do, to propaganda it in USA 40 years later? 😉 Check the image out:

This is the direct link to the ad:×768&cookieEnabled=Y


Elois Clayton says:

ID Theft

Experian and the other goverment intidies, are totallyu legal, BUT, if a consumer request that Lifelock handle their transactions, to save them the time and worry of forgetting to do so, by them simply paying a monthly bill to Lifelock, then that is a consumers right, but if Lifelock is doing it illegally, by contacting credit bureaus and portraying themselves as clients, then Lifelock, IS commiting fraud.
ATTN: I have a problem with ANY company accepting a call from someone claiming to be I, without that company contacting I and confirming whether it’s I or not.
Otherwise, it IS ‘DECEPTIVE Practicing’ and should be prosecuted as FRAUD, for the law says that “if a person even attempts to commit fraud, they should be prosecuted as if they actually committed fraud” and I TOTALLY agree, regardless of wht state is invloved, for whereever it’s attempted, does NOT exempt a person for attempting to commit fraud.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...