Thieves Steal LifeLock CEO's ID 13 Times -- and Show the Danger of Challenging Your Customers

Last Updated May 19, 2010 5:36 PM EDT

The fact that Todd Davis, the CEO of Lifelock, had his identity stolen 13 times after he published his social security number in ads that "guaranteed" his service could stop identity theft illustrates an old chestnut of the advertising world: Never make a selling proposition that can be answered in the negative.

Usually, advertisers make this mistake when they become so enamored of their own products that they ask a question they believe consumers will only answer "yes" to. The best recent example of this was Nike's (NKE) Tiger Woods ad, in which the golfer's father is heard asking his son, "Did you learn anything?" We're supposed to conclude that Woods has learned his lesson about hookers and porn stars, but the ad invites consumers to come up with their own, snarky alternatives.

In this case, Davis appears to have invited thieves to test his promise, and they discovered its fatal flaw: While it may be possible to limit your liability to ID theft, you can't actually prevent someone from stealing your SSN and then trying to use it. As long as they find a vendor lax enough not to check, the theft will be successful.

In fact there are lots of negative answers to be found about Lifelock's "guaranteed" ID protection service. Among them:

  • Lifelock will not honor its deal unless the theft occurs "because of some failure or defect in our service,"
  • The "$1 Million Total Service Guarantee" does not cover: lost wages or business profits, loss of business or lost opportunities and direct out-of-pocket expenses like postage stamps, gas or mileage to go to local authorities, or any notary public fees, etc.
And, in the small print:
  • You agree that LifeLock will not make payments to you for any loss or liability you may incur.
The service seems even less appealing if you read the FTC's statement on the $12 million false advertising settlement with Lifelock. The company offers no protections against:
  • the misuse of existing accounts, the most common type of identity theft.
  • medical identity theft
  • employment identity theft
It will come as no surprise that the company is beseiged by litigation.

UPDATE: LifeLock provided this statement from Davis:

Since 2005 there have been hundreds of unsuccessful attempts to use my personal information, attempts that were stopped by the service provided by LifeLock. To our knowledge, there have been 13 successful uses of my information over the past five years, however we are not aware of any new incidents in more than a year. In each of these cases, our Member Services Team performed the same service that it would for any LifeLock member. I was never out any money, I was saved many of hours of invaluable time and my credit report has been corrected. Some of the successful attempts were not true identity thefts, but rather false entries on my credit file to people with similar names but different addresses -- clearly, not me. Others were precisely why LifeLock transitioned from relying on fraud alerts to relying on the LifeLock Identity Alertâ„¢ system: not all creditors check with the credit bureaus to validate that the proper person is opening a new account. LifeLock Identity Alerts, however, are designed to be more comprehensive in scope and protect against this type of unauthorized use of personal information. Indeed, in just the last eight months we have provided more than 310,000 alerts to our members. While some may want to focus on old news or events from years ago, LifeLock has been leading the industry by continuously developing new and innovative proactive solutions, educating thousands of law enforcement officials and assisting victims.