LifeLock, an identity theft and data protection company, has reached a tentative proposed settlement with the FTC regarding deceptive marketing claims.

Privacy and security attorney Ron Raether, a partner at the law firm Troutman Sanders LLP, says that it appears, based on what LifeLock disclosed so far, that the FTC may not be demanding additional behavioral changes by LifeLock beyond what was in the 2010 consent order because “such broad language was used to begin with in the behavioral changes” included in the 2010 order.

LifeLock had faced possible FTC penalties of $16,000 per consumer, per violation, based on the alleged failure to comply with the FTC’s previous consent order, he says.

The main lesson served up to other security information services firms by the FTC case against LifeLock, Raether says, is that “companies need to be conscious of the language of FTC consent orders.”  He says marketing of products needs to be “tempered for puffery.”

“This is a lesson for companies to not overstate the capabilities of their products,” he says.

The full article with Raether’s commentary can be found at