fringe: Judge Rules LifeLocks Fraud Alert Service Illegal

[security curmudgeon <jericho () attrition org>]

http://www.wired.com/threatlevel/2009/05/lifelock/

Judge Rules LifeLocks Fraud Alert Service Illegal
By Kim Zetter
May 27, 2009

In a decision that has privacy advocates and others scratching their 
heads, a federal judge has ruled that LifeLock has been breaking 
California law for years by placing fraud alerts on its customers credit 
profiles.

The decision is a blow to the burgeoning identify-theft protection 
industry, and means that companies that experience data breaches may no 
longer be able to offer victims free subscriptions to such services  a 
standard damage-control tactic in recent years. Consumers can still place 
fraud alerts by contacting one of the three U.S. credit reporting agencies 
directly.

Bo Holland, founder and CEO of Debix, a competitor of LifeLock, called the 
ruling dramatic and unexpected.

It causes a real shift in the industry, he told Threat Level.

[..]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php