Government

Announcing your social security number on national radio is a bad idea

When LifeLock CEO Todd Davis started announcing his social security number to the world, security gurus everywhere predicted trouble on the horizon. So it will not surprise anyone that Lifelock is now the focus of two different lawsuits, both focusing on the ineffectiveness of the service.

In a series of commercials that have caused everyone in the security industry to roll their eyes and/or wince loudly, LifeLock's CEO, Todd Davis, offers up his Social Security number as "proof" that his company can keep a client's identity from being stolen. But according to a class action lawsuit originating in Maryland, New Jersey, and West Virginia, the service fails to deliver. In fact, it has even failed Mr. Davis.

From the Associated Press:

Attorney David Paris said he found records of other people applying for or receiving driver's licenses at least 20 times using Davis' Social Security number, though some of the applications may have been rejected because data in them didn't match what the Social Security Administration had on file.

Davis acknowledged in an interview with The Associated Press that his stunt has led to at least 87 instances in which people have tried to steal his identity, and one succeeded: a guy in Texas who duped an online payday loan operation last year into giving him $500 using Davis' Social Security number.

Paris said the fact Davis' records were compromised at all supports the claim that Tempe, Ariz.-based LifeLock doesn't provide the comprehensive protection its advertisements say it does.

"It's further evidence of the ineffectiveness of the services that LifeLock advertises," said Paris, who is lead attorney on the three new lawsuits, the latest of which was filed this month.

Basically, all LifeLock really does for the consumer is place a fraud alert on credit accounts and arrange for the consumer to receive three credit reports a year. It doesn't guard against Drivers License fraud, medical fraud, or any fraud committed that doesn't go through a credit reporting bureau. Any consumer can do the things that LifeLock charges $100 a year to do for free. It only requires the consumer to take a few minutes and make the requests.

Each of the credit reporting bureaus will provide you with a copy of your credit report free each calendar year. And you can place a fraud alert with all three credit reporting bureaus by going to their Web sites and filling out an online form. So really, all LifeLock does is provide a convenience factor.

More from the Associated Press

LifeLock is also being sued in Arizona over its $1 million service guarantee, which the plaintiffs claim is misleading because it only covers a defect in LifeLock's service, and in California by the Experian credit bureau. Experian accuses LifeLock of deceiving consumers about the breadth of its protection and abusing the system for attaching fraud alerts to credit reports.

Security experts say complaints about the company reinforce the time-honored wisdom of keeping your Social Security number secret.

"There's been a lot of marketing, a lot of hype about LifeLock," said Paul Stephens, director of policy and advocacy with the Privacy Rights Clearinghouse, a nonprofit consumer advocacy organization. "The question is, 'How much protection does it really buy you?'"

"There is no company that can guarantee they can protect you (completely) against identity theft," Stephens said. "Absolutely nobody can do that."

I try very hard to keep my support customers aware of best practices where their own information is concerned. When Todd Davis started blaring his SSN in his commercials, I got more than one question asking if LifeLock was so good a service that it would be safe to do that. My answer has been a consistent "No."

What things do you teach your end users about safeguarding their personal information online?

18 comments
cavlosnap
cavlosnap

using ones SSN for anything but SSN purposes is stupid. My guess is a way back when when SS started some administrative toady sold the idea to the the elected simpletons of the SSN as a universal ID number A name and SSN is hardly adequate proof of a persons Identity but there are a multitude of simple to remember things that only the genuine individual would know. Perhaps the problem would be diminished if merchants were not so eager to grant credit to every yahoo that walks in off the street looking for a loan. Besides I wonder how serious the problem really is. After all experience has shown that creating a problem then offering a solution is a great way to make a fortune!

CharlieSpencer
CharlieSpencer

Just from seeing the title on the 'Discussions' page I knew you were going to discuss Davis and Lifelock. In addition to the questionable approach of announcing his SSN, he's nowhere near as entertaining as the "Free Credit Report.com" guys.

NotSoChiGuy
NotSoChiGuy

That's spells free creditreport.com baby Credit score was whack Now I'm driving in a used sub-compact That is my second favorite commercial on TV (like saying world's second tallest midget, I suppose)...behind the Walk of No Shame (first time I saw this commercial, I spit out my drink across the room, I laughed so hard). On a serious note, the first time I saw the Lifelock commercial, I said to my wife "I give it 6 months before someone hacks his info". I was a little off on the time, but not by much. Problem is people continually underestimate the criminal element. For each numnut criminal that gets arrested and given the perp walk on TV, there is another one behind the scenes, far too smart to get caught. Hell, even goofs like OJ and Drew Peterson are walking free.

Mond0
Mond0

The Fair and Accurate Credit Transaction Act of 2003 (FACTA) entitles consumers to obtain, once a year, a free copy of their credit reports from each of the three major credit-reporting bureaus -- Equifax, Experian, and TransUnion. The site set up to deliver those reports is www.annualcreditreport.com.

jdclyde
jdclyde

http://creditreport.org is the REAL site, and it is REALLY free. the com site is a commercial site with a 30 free INTRO, where you HAVE to cancel before that time to keep from being charged. Never fall for the intros. They are COUNTING on people being to lazy to cancel until it is to late.

Tig2
Tig2

F-R-E-E That spells free So far, all of their commercials have been entertaining. The restaurant one is the best though.

john
john

note to self: UNSUBSCRIBE :)

pjschloemer
pjschloemer

You have got to be kidding ?! hahaha what does this have to do with IT ? everything moron! You must have FAILED any security classes or courses ( If you even got that far) in school and ( if you even went to school for anything in the IT field) You would have learned that Security in IT is a huge HUGE issue and needs to be addressed in all possible ways, Including what the dough brain in the article is been doing , People do use their SS numbers on COMPUTERS and banking and other stuff , I am also sure this company has a web site too.. OMG go Back to school and TAKE the Security courses in IT Dumb ass!

jdclyde
jdclyde

Clearly you didn't add anything of value. I am sure you're used to that, huh?

NickNielsen
NickNielsen

IT! the movie (http://www.imdb.com/title/tt0061826/) or Information Technology? If the former, you are absolutely correct. If the latter, you are so wrong you epitomize the definition of a consultant as a gelding in a field of stallions.

Tig2
Tig2

When those commercials came out, there were a lot of people who said- well if the CEO trusts them that much, it MUST be a good service. But as the class action suits against the company indicate, maybe not so much. I don't think that anyone in support can afford to forget that we are often the only resource that an end user has for making decisions about security. I do hope that you hang out awhile and read. There's a lot of good stuff on TR.

CharlieSpencer
CharlieSpencer

There's literally hundreds of new tech articles posted here each month. Just because one article doesn't appeal to you doesn't mean it isn't important to others. This concerns data security, a topic important to many members and the non-IT personnel they support. Pull your panties down out of your crack, lurk a while, and you just might learn something. Otherwise, watch that screen door; we have to replace it every few months.

JamesRL
JamesRL

It has a lot to do with IT. Security of personal information is a key concern to many members here. The internet has made it easier for information theives to share and sell information like this. My credit card information was stolen by someone hacking into my ISP, who also got my billing address and other personal stuff. James

Tig2
Tig2

I have winced more than once on hearing LifeLock CEO Todd Davis announce his SSN on his pervasive radio ads. Fortunately, it hasn't resulted in a large number of end users suddenly becoming more lax in their personal security. But it does prompt questions. How do you teach your end users about personal safety and the Internet? What are your Best Practices?

boxfiddler
boxfiddler

was the Mr. Davis had just dared every cracker on the planet to invade his network and steal as much information as possible.

GSG
GSG

I thought it was just a big dare. My second thought was, "What a knob."

Editor's Picks